Ahoj,
po startu NTB mám RAM vytíženou na cca 40% aniž bych měl něco spuštěného (celkem 4 GB RAM). Navíc mi občas nefunguje levé nebo pravé tlačítko myši. Os Win 7 home 64bit. Prosím o kontrolu logu z RSITx64.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2017-10-13 14:13:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 412 GB (89%) free of 463 GB
Total RAM: 3767 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:13:47, on 13.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4672y278
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9615 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
taskeng.exe {17369B3C-B8E4-4871-956C-F4A8BAD1063A}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\user\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-36.4.22 --annotation=client_session_id=e371b59e-8b39-42a2-ba8f-7b995fd4214a --annotation=host_int_account1_boot=28315824128 --annotation=machine_id=e7dec311-c751-4b60-b2b7-72119216c0b8 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xc0,0xd0,0xd4,0xcc,0xd8,0x6f425810,0x6f425820,0x6f425830
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:e371b59e-8b39-42a2-ba8f-7b995fd4214a -target-handle:204 -target-shutdown-event:216 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_3916_GKXDZAEKYBRHNIMS
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
taskmgr.exe /3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\user\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\user\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7feed6c1988,0x7feed6c1948,0x7feed6c1958
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5048 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1196,17936811634561414762,7626197989524753099,131072 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --gpu-driver-date=3-31-2010 --service-request-channel-token=BE003468BB6C3C319BC9649429A0C067 --mojo-platform-channel-handle=1212 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,17936811634561414762,7626197989524753099,131072 --service-pipe-token=DEF8069699DA0D93A57C7B46C404A896 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=DEF8069699DA0D93A57C7B46C404A896 --renderer-client-id=9 --mojo-platform-channel-handle=4696 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1868236279-2484191223-2234905634-10006_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1868236279-2484191223-2234905634-10006 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\RSIT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11 231112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11 586528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11 2095920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11 414496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-04-01 558168]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-04-01 349272]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-04-09 206208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]
"ALU"=C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2017-04-21 2379056]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-03 3481912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-13 11:30:23 ----A---- C:\Windows\ntbtlog.txt
2017-10-13 11:26:44 ----D---- C:\AdwCleaner
2017-10-13 11:16:55 ----D---- C:\FRST
2017-10-13 10:48:15 ----D---- C:\Program Files\trend micro
2017-10-13 10:47:32 ----D---- C:\RSIT
2017-10-10 19:53:33 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:49:51 ----SHD---- C:\Config.Msi
2017-10-10 19:25:16 ----A---- C:\Windows\system32\mshtml.dll
2017-10-10 19:25:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-10 19:25:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-10 19:25:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-10 19:25:11 ----A---- C:\Windows\system32\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\system32\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-10 19:25:06 ----A---- C:\Windows\system32\win32k.sys
2017-10-10 19:25:06 ----A---- C:\Windows\system32\iertutil.dll
2017-10-10 19:25:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\tquery.dll
2017-10-10 19:25:03 ----A---- C:\Windows\system32\mf.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\Query.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-10 19:25:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-10 19:25:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\wlansec.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24:58 ----A---- C:\Windows\system32\mfps.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\gdi32.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\vbscript.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\ntdll.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\certcli.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\smss.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mssrch.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kernel32.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kerberos.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieui.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64win.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\winsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\srcore.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssph.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\lsass.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\inseng.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\iesetup.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-10 19:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\conhost.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\rstrui.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\icaapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-10 19:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\adtschema.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-04 11:44:38 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)\Dropbox
2017-10-04 11:42:58 ----D---- C:\ProgramData\Dropbox
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-14 21:29:21 ----A---- C:\Windows\system32\shell32.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmc.exe
2017-09-14 21:29:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-09-14 21:29:11 ----A---- C:\Windows\system32\localspl.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-09-14 21:29:10 ----A---- C:\Windows\system32\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\usp10.dll
2017-09-14 21:29:08 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-14 21:29:08 ----A---- C:\Windows\system32\cic.dll
2017-09-14 21:29:07 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-09-14 21:29:03 ----A---- C:\Windows\system32\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\rpcss.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\inetpp.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29:01 ----A---- C:\Windows\system32\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\inetppui.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\system32\oleres.dll
======List of files/folders modified in the last 1 month======
2017-10-13 14:13:46 ----D---- C:\Windows\Temp
2017-10-13 14:07:55 ----D---- C:\Windows\system32\config
2017-10-13 14:05:05 ----D---- C:\Windows\inf
2017-10-13 14:04:50 ----A---- C:\Windows\SYSWOW64\log.txt
2017-10-13 14:04:21 ----AD---- C:\Windows
2017-10-13 11:29:01 ----HD---- C:\ProgramData
2017-10-13 11:01:12 ----D---- C:\Install
2017-10-13 11:00:45 ----D---- C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00:21 ----D---- C:\Windows\Panther
2017-10-13 11:00:18 ----D---- C:\Windows\Logs
2017-10-13 11:00:18 ----D---- C:\Windows\debug
2017-10-13 10:48:15 ----RD---- C:\Program Files
2017-10-13 10:35:06 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2017-10-12 19:50:39 ----D---- C:\Windows\Microsoft.NET
2017-10-11 21:57:05 ----D---- C:\Windows\System32
2017-10-11 21:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:50:39 ----D---- C:\Windows\winsxs
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\migration
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-10 20:44:59 ----D---- C:\Windows\SysWOW64
2017-10-10 20:44:59 ----D---- C:\Program Files\Internet Explorer
2017-10-10 20:44:59 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-10 20:44:58 ----D---- C:\Windows\system32\migration
2017-10-10 20:44:58 ----D---- C:\Windows\system32\en-US
2017-10-10 20:44:58 ----D---- C:\Windows\system32\drivers
2017-10-10 20:44:58 ----D---- C:\Windows\system32\cs-CZ
2017-10-10 20:44:56 ----D---- C:\Windows\system32\Boot
2017-10-10 20:44:56 ----D---- C:\Windows\AppPatch
2017-10-10 19:56:49 ----D---- C:\Windows\system32\MRT
2017-10-10 19:53:25 ----AC---- C:\Windows\system32\MRT.exe
2017-10-10 19:53:13 ----SHD---- C:\Windows\Installer
2017-10-10 19:50:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-10 19:46:56 ----SHD---- C:\System Volume Information
2017-10-10 19:21:12 ----D---- C:\Windows\system32\catroot2
2017-10-09 20:32:11 ----D---- C:\Windows\Prefetch
2017-10-08 14:44:55 ----D---- C:\Program Files\KMSpico
2017-10-08 13:23:48 ----D---- C:\Windows\system32\Tasks
2017-10-04 11:43:15 ----D---- C:\Windows\Tasks
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)
2017-09-25 19:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2017-09-20 14:27:38 ----D---- C:\Windows\rescache
2017-09-20 11:53:06 ----RSD---- C:\Windows\assembly
2017-09-14 21:04:32 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2016-03-25 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-03-25 60416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 32296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 39464]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 294952]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 53800]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 154792]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-03-30 264232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2016-03-25 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-03-25 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-03-25 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-03-25 12520]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-06-05 2855152]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-10-03 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-03-25 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-06-04 5132888]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-09-04 867080]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-06-05 212184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-09-04 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2016-03-25 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
RAM vytížená po startu na cca 40%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Zdravím, log z AdwCleaneru
# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 13 16:32:01 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-12-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1306 B] - [2017/10/13 9:29:4]
C:/AdwCleaner/AdwCleaner[S0].txt - [1162 B] - [2017/10/13 9:27:51]
C:/AdwCleaner/AdwCleaner[S1].txt - [1087 B] - [2017/10/13 9:32:32]
C:/AdwCleaner/AdwCleaner[S2].txt - [1155 B] - [2017/10/13 9:36:44]
C:/AdwCleaner/AdwCleaner[S3].txt - [1223 B] - [2017/10/13 12:12:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########
# AdwCleaner 7.0.3.1 - Logfile created on Fri Oct 13 16:32:01 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-12-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1306 B] - [2017/10/13 9:29:4]
C:/AdwCleaner/AdwCleaner[S0].txt - [1162 B] - [2017/10/13 9:27:51]
C:/AdwCleaner/AdwCleaner[S1].txt - [1087 B] - [2017/10/13 9:32:32]
C:/AdwCleaner/AdwCleaner[S2].txt - [1155 B] - [2017/10/13 9:36:44]
C:/AdwCleaner/AdwCleaner[S3].txt - [1223 B] - [2017/10/13 12:12:24]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
NTB se po restartu nechtěl normálně spustit, resetoval se, ale dal jsem F8 a vybral normálně spuštění... a pak bez problémů nastartoval do Windows. Nyní je vytížení RAM na cca 36%.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by user (administrator) on PB (13-10-2017 20:20:22)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349272 2010-04-01] (Atheros Communications)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-04-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1480032 2010-05-03] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-10-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E0FA730-E093-4916-A64F-DFBB14AF12DF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0405&m=easynote_tm87&r=27360917e915l0464z1m5f4672y278
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-10-13]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-09]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-10]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-13]
CHR Extension: (Bookmark Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnboppjpcdnckcklbmjmdahfkpmgglec [2017-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [866336 2010-03-17] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:13 - 2017-10-13 20:13 - 000000000 ____D C:\_OTM
2017-10-13 20:11 - 2017-10-13 20:11 - 000522240 _____ (OldTimer Tools) C:\Users\user\Desktop\OTM.exe
2017-10-13 18:30 - 2017-10-13 11:24 - 008250832 _____ (Malwarebytes) C:\Users\user\Desktop\AdwCleaner.exe
2017-10-13 14:11 - 2017-10-13 20:11 - 000000000 ____D C:\Users\user\Downloads\viry.cz
2017-10-13 11:30 - 2017-10-13 11:35 - 000244516 _____ C:\Windows\ntbtlog.txt
2017-10-13 11:26 - 2017-10-13 18:32 - 000000000 ____D C:\AdwCleaner
2017-10-13 11:17 - 2017-10-13 20:21 - 000014243 _____ C:\Users\user\Desktop\FRST.txt
2017-10-13 11:16 - 2017-10-13 20:20 - 000000000 ____D C:\FRST
2017-10-13 11:13 - 2017-10-13 11:13 - 002401792 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-10-13 10:48 - 2017-10-13 14:13 - 000000000 ____D C:\Program Files\trend micro
2017-10-13 10:47 - 2017-10-13 14:13 - 000000000 ____D C:\RSIT
2017-10-12 05:08 - 2017-10-12 05:08 - 000000000 ____D C:\Users\user\Documents\Poznámkové bloky aplikace OneNote
2017-10-10 19:53 - 2017-10-10 19:53 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:25 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-10 19:25 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-10 19:25 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-10 19:25 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-10 19:25 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-10 19:25 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-10 19:25 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-10 19:25 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-10 19:25 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-10 19:25 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-10 19:25 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-10 19:25 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-10 19:25 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-10 19:25 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-10 19:25 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-10 19:25 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-10 19:25 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-10 19:25 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-10 19:25 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-10 19:25 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-10 19:24 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-10 19:24 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-10 19:24 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-10 19:24 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-10 19:24 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-10 19:24 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-10 19:24 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-10 19:24 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-10 19:24 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-10 19:24 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-10 19:24 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-10 19:24 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-10 19:24 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-10 19:24 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-10 19:24 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-10 19:24 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-10 19:24 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-10 19:24 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-10 19:24 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-10 19:24 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-10 19:24 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-10 19:24 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-10 19:24 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-10 19:24 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-10 19:24 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-10 19:24 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-10 19:24 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-10 19:24 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-10 19:24 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-10 19:24 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-10 19:24 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-10 19:24 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-10 19:24 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-10 19:24 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-10 19:24 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 12:01 - 2017-10-08 12:01 - 006753408 _____ (ESET spol. s r.o.) C:\Users\user\Downloads\esetonlinescanner_csy.exe
2017-10-08 12:01 - 2017-10-08 12:01 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2017-10-04 11:49 - 2017-10-06 14:38 - 000000000 ___RD C:\Users\user\Dropbox
2017-10-04 11:49 - 2017-10-04 11:49 - 000001202 _____ C:\Users\user\Desktop\Dropbox.lnk
2017-10-04 11:47 - 2017-10-04 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 11:44 - 2017-10-04 11:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43 - 2017-10-13 20:17 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-04 11:43 - 2017-10-13 19:48 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-04 11:43 - 2017-10-04 11:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-04 11:43 - 2017-10-04 11:43 - 000003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-10-04 11:43 - 2017-10-04 11:43 - 000003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-10-04 11:42 - 2017-10-07 09:55 - 000000000 ____D C:\Users\user\AppData\Local\Dropbox
2017-10-04 11:42 - 2017-10-04 11:42 - 000690080 _____ (Dropbox, Inc.) C:\Users\user\Downloads\DropboxInstaller.exe
2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Dropbox
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 21:29 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-14 21:29 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-14 21:29 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-14 21:29 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-14 21:29 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-14 21:29 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-14 21:29 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-14 21:29 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-13 11:01 - 2017-09-11 08:50 - 000000000 ____D C:\Install
2017-10-13 11:00 - 2017-09-04 15:19 - 000000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00 - 2017-09-04 10:41 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-10-13 11:00 - 2010-04-26 07:40 - 000000000 ____D C:\Windows\Panther
2017-10-11 21:57 - 2017-09-04 19:01 - 000668792 _____ C:\Windows\system32\perfh005.dat
2017-10-11 21:57 - 2017-09-04 19:01 - 000141420 _____ C:\Windows\system32\perfc005.dat
2017-10-11 21:57 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:49 - 2009-07-14 06:45 - 000453776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-10 19:56 - 2017-09-04 18:15 - 000000000 ____D C:\Windows\system32\MRT
2017-10-10 19:53 - 2017-09-04 18:14 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-10 19:50 - 2017-09-04 20:39 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-08 14:44 - 2017-09-11 14:18 - 000000000 ____D C:\Program Files\KMSpico
2017-10-08 13:23 - 2017-09-11 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-10-01 09:41 - 2017-09-09 19:05 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 09:41 - 2017-09-09 19:05 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000931 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-20 14:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-12 20:14
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by user (administrator) on PB (13-10-2017 20:20:22)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349272 2010-04-01] (Atheros Communications)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-04-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1480032 2010-05-03] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-10-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E0FA730-E093-4916-A64F-DFBB14AF12DF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0405&m=easynote_tm87&r=27360917e915l0464z1m5f4672y278
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-10-13]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-09]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-10]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-13]
CHR Extension: (Bookmark Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnboppjpcdnckcklbmjmdahfkpmgglec [2017-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [866336 2010-03-17] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:13 - 2017-10-13 20:13 - 000000000 ____D C:\_OTM
2017-10-13 20:11 - 2017-10-13 20:11 - 000522240 _____ (OldTimer Tools) C:\Users\user\Desktop\OTM.exe
2017-10-13 18:30 - 2017-10-13 11:24 - 008250832 _____ (Malwarebytes) C:\Users\user\Desktop\AdwCleaner.exe
2017-10-13 14:11 - 2017-10-13 20:11 - 000000000 ____D C:\Users\user\Downloads\viry.cz
2017-10-13 11:30 - 2017-10-13 11:35 - 000244516 _____ C:\Windows\ntbtlog.txt
2017-10-13 11:26 - 2017-10-13 18:32 - 000000000 ____D C:\AdwCleaner
2017-10-13 11:17 - 2017-10-13 20:21 - 000014243 _____ C:\Users\user\Desktop\FRST.txt
2017-10-13 11:16 - 2017-10-13 20:20 - 000000000 ____D C:\FRST
2017-10-13 11:13 - 2017-10-13 11:13 - 002401792 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-10-13 10:48 - 2017-10-13 14:13 - 000000000 ____D C:\Program Files\trend micro
2017-10-13 10:47 - 2017-10-13 14:13 - 000000000 ____D C:\RSIT
2017-10-12 05:08 - 2017-10-12 05:08 - 000000000 ____D C:\Users\user\Documents\Poznámkové bloky aplikace OneNote
2017-10-10 19:53 - 2017-10-10 19:53 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:25 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-10 19:25 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-10 19:25 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-10 19:25 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-10 19:25 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-10 19:25 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-10 19:25 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-10 19:25 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-10 19:25 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-10 19:25 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-10 19:25 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-10 19:25 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-10 19:25 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-10 19:25 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-10 19:25 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-10 19:25 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-10 19:25 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-10 19:25 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-10 19:25 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-10 19:25 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-10 19:24 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-10 19:24 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-10 19:24 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-10 19:24 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-10 19:24 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-10 19:24 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-10 19:24 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-10 19:24 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-10 19:24 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-10 19:24 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-10 19:24 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-10 19:24 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-10 19:24 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-10 19:24 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-10 19:24 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-10 19:24 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-10 19:24 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-10 19:24 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-10 19:24 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-10 19:24 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-10 19:24 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-10 19:24 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-10 19:24 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-10 19:24 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-10 19:24 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-10 19:24 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-10 19:24 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-10 19:24 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-10 19:24 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-10 19:24 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-10 19:24 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-10 19:24 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-10 19:24 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-10 19:24 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-10 19:24 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 12:01 - 2017-10-08 12:01 - 006753408 _____ (ESET spol. s r.o.) C:\Users\user\Downloads\esetonlinescanner_csy.exe
2017-10-08 12:01 - 2017-10-08 12:01 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2017-10-04 11:49 - 2017-10-06 14:38 - 000000000 ___RD C:\Users\user\Dropbox
2017-10-04 11:49 - 2017-10-04 11:49 - 000001202 _____ C:\Users\user\Desktop\Dropbox.lnk
2017-10-04 11:47 - 2017-10-04 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 11:44 - 2017-10-04 11:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43 - 2017-10-13 20:17 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-04 11:43 - 2017-10-13 19:48 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-04 11:43 - 2017-10-04 11:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-04 11:43 - 2017-10-04 11:43 - 000003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-10-04 11:43 - 2017-10-04 11:43 - 000003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-10-04 11:42 - 2017-10-07 09:55 - 000000000 ____D C:\Users\user\AppData\Local\Dropbox
2017-10-04 11:42 - 2017-10-04 11:42 - 000690080 _____ (Dropbox, Inc.) C:\Users\user\Downloads\DropboxInstaller.exe
2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Dropbox
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 21:29 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-14 21:29 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-14 21:29 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-14 21:29 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-14 21:29 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-14 21:29 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-14 21:29 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-14 21:29 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-13 11:01 - 2017-09-11 08:50 - 000000000 ____D C:\Install
2017-10-13 11:00 - 2017-09-04 15:19 - 000000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00 - 2017-09-04 10:41 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-10-13 11:00 - 2010-04-26 07:40 - 000000000 ____D C:\Windows\Panther
2017-10-11 21:57 - 2017-09-04 19:01 - 000668792 _____ C:\Windows\system32\perfh005.dat
2017-10-11 21:57 - 2017-09-04 19:01 - 000141420 _____ C:\Windows\system32\perfc005.dat
2017-10-11 21:57 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:49 - 2009-07-14 06:45 - 000453776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-10 19:56 - 2017-09-04 18:15 - 000000000 ____D C:\Windows\system32\MRT
2017-10-10 19:53 - 2017-09-04 18:14 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-10 19:50 - 2017-09-04 20:39 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-08 14:44 - 2017-09-11 14:18 - 000000000 ____D C:\Program Files\KMSpico
2017-10-08 13:23 - 2017-09-11 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-10-01 09:41 - 2017-09-09 19:05 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 09:41 - 2017-09-09 19:05 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000931 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-20 14:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-12 20:14
==================== End of FRST.txt ============================
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
NTB se po restartu nechtěl normálně spustit, resetoval se, ale dal jsem F8 a vybral normálně spuštění... a pak bez problémů nastartoval do Windows. Nyní je vytížení RAM na cca 36%.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by user (administrator) on PB (13-10-2017 20:20:22)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349272 2010-04-01] (Atheros Communications)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-04-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1480032 2010-05-03] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-10-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E0FA730-E093-4916-A64F-DFBB14AF12DF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0405&m=easynote_tm87&r=27360917e915l0464z1m5f4672y278
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-10-13]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-09]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-10]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-13]
CHR Extension: (Bookmark Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnboppjpcdnckcklbmjmdahfkpmgglec [2017-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [866336 2010-03-17] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:13 - 2017-10-13 20:13 - 000000000 ____D C:\_OTM
2017-10-13 20:11 - 2017-10-13 20:11 - 000522240 _____ (OldTimer Tools) C:\Users\user\Desktop\OTM.exe
2017-10-13 18:30 - 2017-10-13 11:24 - 008250832 _____ (Malwarebytes) C:\Users\user\Desktop\AdwCleaner.exe
2017-10-13 14:11 - 2017-10-13 20:11 - 000000000 ____D C:\Users\user\Downloads\viry.cz
2017-10-13 11:30 - 2017-10-13 11:35 - 000244516 _____ C:\Windows\ntbtlog.txt
2017-10-13 11:26 - 2017-10-13 18:32 - 000000000 ____D C:\AdwCleaner
2017-10-13 11:17 - 2017-10-13 20:21 - 000014243 _____ C:\Users\user\Desktop\FRST.txt
2017-10-13 11:16 - 2017-10-13 20:20 - 000000000 ____D C:\FRST
2017-10-13 11:13 - 2017-10-13 11:13 - 002401792 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-10-13 10:48 - 2017-10-13 14:13 - 000000000 ____D C:\Program Files\trend micro
2017-10-13 10:47 - 2017-10-13 14:13 - 000000000 ____D C:\RSIT
2017-10-12 05:08 - 2017-10-12 05:08 - 000000000 ____D C:\Users\user\Documents\Poznámkové bloky aplikace OneNote
2017-10-10 19:53 - 2017-10-10 19:53 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:25 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-10 19:25 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-10 19:25 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-10 19:25 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-10 19:25 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-10 19:25 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-10 19:25 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-10 19:25 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-10 19:25 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-10 19:25 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-10 19:25 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-10 19:25 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-10 19:25 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-10 19:25 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-10 19:25 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-10 19:25 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-10 19:25 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-10 19:25 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-10 19:25 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-10 19:25 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-10 19:24 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-10 19:24 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-10 19:24 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-10 19:24 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-10 19:24 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-10 19:24 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-10 19:24 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-10 19:24 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-10 19:24 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-10 19:24 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-10 19:24 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-10 19:24 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-10 19:24 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-10 19:24 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-10 19:24 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-10 19:24 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-10 19:24 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-10 19:24 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-10 19:24 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-10 19:24 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-10 19:24 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-10 19:24 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-10 19:24 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-10 19:24 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-10 19:24 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-10 19:24 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-10 19:24 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-10 19:24 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-10 19:24 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-10 19:24 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-10 19:24 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-10 19:24 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-10 19:24 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-10 19:24 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-10 19:24 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 12:01 - 2017-10-08 12:01 - 006753408 _____ (ESET spol. s r.o.) C:\Users\user\Downloads\esetonlinescanner_csy.exe
2017-10-08 12:01 - 2017-10-08 12:01 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2017-10-04 11:49 - 2017-10-06 14:38 - 000000000 ___RD C:\Users\user\Dropbox
2017-10-04 11:49 - 2017-10-04 11:49 - 000001202 _____ C:\Users\user\Desktop\Dropbox.lnk
2017-10-04 11:47 - 2017-10-04 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 11:44 - 2017-10-04 11:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43 - 2017-10-13 20:17 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-04 11:43 - 2017-10-13 19:48 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-04 11:43 - 2017-10-04 11:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-04 11:43 - 2017-10-04 11:43 - 000003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-10-04 11:43 - 2017-10-04 11:43 - 000003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-10-04 11:42 - 2017-10-07 09:55 - 000000000 ____D C:\Users\user\AppData\Local\Dropbox
2017-10-04 11:42 - 2017-10-04 11:42 - 000690080 _____ (Dropbox, Inc.) C:\Users\user\Downloads\DropboxInstaller.exe
2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Dropbox
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 21:29 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-14 21:29 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-14 21:29 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-14 21:29 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-14 21:29 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-14 21:29 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-14 21:29 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-14 21:29 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-13 11:01 - 2017-09-11 08:50 - 000000000 ____D C:\Install
2017-10-13 11:00 - 2017-09-04 15:19 - 000000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00 - 2017-09-04 10:41 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-10-13 11:00 - 2010-04-26 07:40 - 000000000 ____D C:\Windows\Panther
2017-10-11 21:57 - 2017-09-04 19:01 - 000668792 _____ C:\Windows\system32\perfh005.dat
2017-10-11 21:57 - 2017-09-04 19:01 - 000141420 _____ C:\Windows\system32\perfc005.dat
2017-10-11 21:57 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:49 - 2009-07-14 06:45 - 000453776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-10 19:56 - 2017-09-04 18:15 - 000000000 ____D C:\Windows\system32\MRT
2017-10-10 19:53 - 2017-09-04 18:14 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-10 19:50 - 2017-09-04 20:39 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-08 14:44 - 2017-09-11 14:18 - 000000000 ____D C:\Program Files\KMSpico
2017-10-08 13:23 - 2017-09-11 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-10-01 09:41 - 2017-09-09 19:05 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 09:41 - 2017-09-09 19:05 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000931 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-20 14:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-12 20:14
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2017
Ran by user (administrator) on PB (13-10-2017 20:20:22)
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Suyin) C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349272 2010-04-01] (Atheros Communications)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-04-09] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9913376 2009-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [860704 2010-03-17] (Acer Incorporated)
HKLM\...\Run: [ALU] => C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2379056 2017-04-21] (Acer Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-24] (Intel Corporation)
HKLM-x32\...\Run: [VideoWebCamera] => C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [1480032 2010-05-03] (Suyin)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-10-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9E0FA730-E093-4916-A64F-DFBB14AF12DF}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1868236279-2484191223-2234905634-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0405&m=easynote_tm87&r=27360917e915l0464z1m5f4672y278
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACPW
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-1868236279-2484191223-2234905634-1000 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-11] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-10-13]
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-09]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-09]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-10]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-10-13]
CHR Extension: (Bookmark Checker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnboppjpcdnckcklbmjmdahfkpmgglec [2017-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [866336 2010-03-17] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [257440 2016-06-08] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:13 - 2017-10-13 20:13 - 000000000 ____D C:\_OTM
2017-10-13 20:11 - 2017-10-13 20:11 - 000522240 _____ (OldTimer Tools) C:\Users\user\Desktop\OTM.exe
2017-10-13 18:30 - 2017-10-13 11:24 - 008250832 _____ (Malwarebytes) C:\Users\user\Desktop\AdwCleaner.exe
2017-10-13 14:11 - 2017-10-13 20:11 - 000000000 ____D C:\Users\user\Downloads\viry.cz
2017-10-13 11:30 - 2017-10-13 11:35 - 000244516 _____ C:\Windows\ntbtlog.txt
2017-10-13 11:26 - 2017-10-13 18:32 - 000000000 ____D C:\AdwCleaner
2017-10-13 11:17 - 2017-10-13 20:21 - 000014243 _____ C:\Users\user\Desktop\FRST.txt
2017-10-13 11:16 - 2017-10-13 20:20 - 000000000 ____D C:\FRST
2017-10-13 11:13 - 2017-10-13 11:13 - 002401792 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2017-10-13 10:48 - 2017-10-13 14:13 - 000000000 ____D C:\Program Files\trend micro
2017-10-13 10:47 - 2017-10-13 14:13 - 000000000 ____D C:\RSIT
2017-10-12 05:08 - 2017-10-12 05:08 - 000000000 ____D C:\Users\user\Documents\Poznámkové bloky aplikace OneNote
2017-10-10 19:53 - 2017-10-10 19:53 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:25 - 2017-09-13 17:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-10 19:25 - 2017-09-13 17:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-10 19:25 - 2017-09-08 17:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-10 19:25 - 2017-09-08 17:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-10 19:25 - 2017-09-08 17:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-10 19:25 - 2017-09-08 17:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-10 19:25 - 2017-09-07 23:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-10 19:25 - 2017-09-07 23:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-10 19:25 - 2017-09-07 23:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-10 19:25 - 2017-09-07 22:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-10 19:25 - 2017-09-07 22:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 21:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-10 19:25 - 2017-09-07 21:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-10 19:25 - 2017-09-07 21:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-10 19:25 - 2017-09-07 21:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-10 19:25 - 2017-09-07 21:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-10 19:25 - 2017-09-07 21:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-10 19:25 - 2017-09-07 20:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-10 19:25 - 2017-09-07 20:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-10 19:25 - 2017-09-07 20:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-10 19:25 - 2017-09-07 20:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-10 19:25 - 2017-09-07 20:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-10 19:25 - 2017-09-07 19:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-10 19:25 - 2017-09-07 16:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-10 19:25 - 2017-08-19 17:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-10 19:25 - 2017-08-14 19:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-10 19:24 - 2017-09-13 17:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-10 19:24 - 2017-09-13 17:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-10 19:24 - 2017-09-13 17:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-10 19:24 - 2017-09-13 17:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 17:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-10 19:24 - 2017-09-13 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 17:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-10 19:24 - 2017-09-13 17:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-10 19:24 - 2017-09-13 17:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24 - 2017-09-13 16:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-10 19:24 - 2017-09-13 16:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-10 19:24 - 2017-09-13 16:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-10 19:24 - 2017-09-13 16:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-10 19:24 - 2017-09-13 16:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-10 19:24 - 2017-09-13 16:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-10 19:24 - 2017-09-13 16:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-10 19:24 - 2017-09-13 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-10 19:24 - 2017-09-13 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24 - 2017-09-13 16:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-10 19:24 - 2017-09-09 02:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24 - 2017-09-09 01:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-10 19:24 - 2017-09-08 17:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 17:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-10 19:24 - 2017-09-08 17:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-10 19:24 - 2017-09-08 17:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-10 19:24 - 2017-09-08 17:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-10 19:24 - 2017-09-08 17:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-10 19:24 - 2017-09-08 16:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-10 19:24 - 2017-09-08 16:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-10 19:24 - 2017-09-07 23:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 23:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-10 19:24 - 2017-09-07 23:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-10 19:24 - 2017-09-07 23:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-10 19:24 - 2017-09-07 23:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-10 19:24 - 2017-09-07 23:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 23:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 23:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-10 19:24 - 2017-09-07 23:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 23:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 23:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24 - 2017-09-07 22:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24 - 2017-09-07 22:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 22:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 22:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-10 19:24 - 2017-09-07 22:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-10 19:24 - 2017-09-07 22:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-10 19:24 - 2017-09-07 22:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 22:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 22:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-10 19:24 - 2017-09-07 22:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-10 19:24 - 2017-09-07 22:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24 - 2017-09-07 22:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 22:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 21:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-10 19:24 - 2017-09-07 21:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 21:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-10 19:24 - 2017-09-07 21:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-10 19:24 - 2017-09-07 21:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-10 19:24 - 2017-09-07 21:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-10 19:24 - 2017-09-07 21:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-10 19:24 - 2017-09-07 21:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-10 19:24 - 2017-09-07 20:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-10 19:24 - 2017-09-07 20:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-10 19:24 - 2017-09-07 20:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-10 19:24 - 2017-09-07 20:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-10 19:24 - 2017-09-07 20:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24 - 2017-09-07 20:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-10 19:24 - 2017-09-07 20:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-10 19:24 - 2017-09-07 20:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-10 19:24 - 2017-09-07 20:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-10 19:24 - 2017-09-07 20:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-10 19:24 - 2017-09-07 20:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-10 19:24 - 2017-09-07 20:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-10 19:24 - 2017-09-07 20:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-10 19:24 - 2017-09-07 19:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-10 19:24 - 2017-09-07 17:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-10 19:24 - 2017-09-07 17:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-10 19:24 - 2017-09-07 16:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-10 19:24 - 2017-09-07 16:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-10 19:24 - 2017-08-19 17:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-10 19:24 - 2017-08-19 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-10 19:24 - 2017-08-19 17:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 17:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-10 19:24 - 2017-08-19 16:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-10 19:24 - 2017-08-14 19:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-10 19:24 - 2017-08-13 23:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 12:01 - 2017-10-08 12:01 - 006753408 _____ (ESET spol. s r.o.) C:\Users\user\Downloads\esetonlinescanner_csy.exe
2017-10-08 12:01 - 2017-10-08 12:01 - 000000000 ____D C:\Users\user\AppData\Local\ESET
2017-10-04 11:49 - 2017-10-06 14:38 - 000000000 ___RD C:\Users\user\Dropbox
2017-10-04 11:49 - 2017-10-04 11:49 - 000001202 _____ C:\Users\user\Desktop\Dropbox.lnk
2017-10-04 11:47 - 2017-10-04 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 11:44 - 2017-10-04 11:44 - 000000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43 - 2017-10-13 20:17 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-04 11:43 - 2017-10-13 19:48 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-04 11:43 - 2017-10-04 11:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-10-04 11:43 - 2017-10-04 11:43 - 000003900 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-10-04 11:43 - 2017-10-04 11:43 - 000003648 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-10-04 11:42 - 2017-10-07 09:55 - 000000000 ____D C:\Users\user\AppData\Local\Dropbox
2017-10-04 11:42 - 2017-10-04 11:42 - 000690080 _____ (Dropbox, Inc.) C:\Users\user\Downloads\DropboxInstaller.exe
2017-10-04 11:42 - 2017-10-04 11:42 - 000000000 ____D C:\ProgramData\Dropbox
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 21:29 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-14 21:29 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-14 21:29 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-14 21:29 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-14 21:29 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-14 21:29 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-14 21:29 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-14 21:29 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-14 21:29 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-14 21:29 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-14 21:29 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-14 21:29 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-14 21:29 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-14 21:29 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-14 21:29 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-14 21:29 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-13 20:16 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:13 - 2009-07-14 06:45 - 000009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-13 14:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-13 11:01 - 2017-09-11 08:50 - 000000000 ____D C:\Install
2017-10-13 11:00 - 2017-09-04 15:19 - 000000000 ____D C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00 - 2017-09-04 10:41 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2017-10-13 11:00 - 2010-04-26 07:40 - 000000000 ____D C:\Windows\Panther
2017-10-11 21:57 - 2017-09-04 19:01 - 000668792 _____ C:\Windows\system32\perfh005.dat
2017-10-11 21:57 - 2017-09-04 19:01 - 000141420 _____ C:\Windows\system32\perfc005.dat
2017-10-11 21:57 - 2009-07-14 07:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:49 - 2009-07-14 06:45 - 000453776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-10 19:56 - 2017-09-04 18:15 - 000000000 ____D C:\Windows\system32\MRT
2017-10-10 19:53 - 2017-09-04 18:14 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-10 19:50 - 2017-09-04 20:39 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-08 14:44 - 2017-09-11 14:18 - 000000000 ____D C:\Program Files\KMSpico
2017-10-08 13:23 - 2017-09-11 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-10-01 09:41 - 2017-09-09 19:05 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 09:41 - 2017-09-09 19:05 - 000002155 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000931 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-09-25 19:06 - 2017-09-04 15:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-09-20 14:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-12 20:14
==================== End of FRST.txt ============================
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Omylem jsem poslal log z druhého programu, nyní tedy log z RSIT, vypadá to že už se RAM více uvolnila, je na 30%.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2017-10-13 20:28:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 412 GB (89%) free of 463 GB
Total RAM: 3767 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:58, on 13.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4672y278
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9615 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\user\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-36.4.22 --annotation=client_session_id=f3830e74-c3f4-4727-8a54-388150b1f173 --annotation=host_int_account1_boot=28315824128 --annotation=machine_id=e7dec311-c751-4b60-b2b7-72119216c0b8 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xc0,0xd0,0xd4,0xcc,0xd8,0x6e475810,0x6e475820,0x6e475830
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:f3830e74-c3f4-4727-8a54-388150b1f173 -target-handle:204 -target-shutdown-event:216 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_4004_NGUYGGBCGJVNSZWL
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\RSIT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11 231112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11 586528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11 2095920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11 414496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-04-01 558168]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-04-01 349272]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-04-09 206208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]
"ALU"=C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2017-04-21 2379056]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-03 3481912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-13 20:13:54 ----D---- C:\_OTM
2017-10-13 11:30:23 ----A---- C:\Windows\ntbtlog.txt
2017-10-13 11:26:44 ----D---- C:\AdwCleaner
2017-10-13 11:16:55 ----D---- C:\FRST
2017-10-13 10:48:15 ----D---- C:\Program Files\trend micro
2017-10-13 10:47:32 ----D---- C:\RSIT
2017-10-10 19:53:33 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:49:51 ----SHD---- C:\Config.Msi
2017-10-10 19:25:16 ----A---- C:\Windows\system32\mshtml.dll
2017-10-10 19:25:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-10 19:25:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-10 19:25:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-10 19:25:11 ----A---- C:\Windows\system32\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\system32\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-10 19:25:06 ----A---- C:\Windows\system32\win32k.sys
2017-10-10 19:25:06 ----A---- C:\Windows\system32\iertutil.dll
2017-10-10 19:25:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\tquery.dll
2017-10-10 19:25:03 ----A---- C:\Windows\system32\mf.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\Query.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-10 19:25:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-10 19:25:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\wlansec.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24:58 ----A---- C:\Windows\system32\mfps.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\gdi32.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\vbscript.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\ntdll.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\certcli.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\smss.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mssrch.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kernel32.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kerberos.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieui.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64win.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\winsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\srcore.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssph.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\lsass.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\inseng.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\iesetup.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-10 19:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\conhost.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\rstrui.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\icaapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-10 19:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\adtschema.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-04 11:44:38 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)\Dropbox
2017-10-04 11:42:58 ----D---- C:\ProgramData\Dropbox
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-14 21:29:21 ----A---- C:\Windows\system32\shell32.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmc.exe
2017-09-14 21:29:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-09-14 21:29:11 ----A---- C:\Windows\system32\localspl.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-09-14 21:29:10 ----A---- C:\Windows\system32\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\usp10.dll
2017-09-14 21:29:08 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-14 21:29:08 ----A---- C:\Windows\system32\cic.dll
2017-09-14 21:29:07 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-09-14 21:29:03 ----A---- C:\Windows\system32\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\rpcss.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\inetpp.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29:01 ----A---- C:\Windows\system32\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\inetppui.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\system32\oleres.dll
======List of files/folders modified in the last 1 month======
2017-10-13 20:28:24 ----D---- C:\Windows\Temp
2017-10-13 20:22:04 ----AD---- C:\Windows
2017-10-13 20:17:04 ----A---- C:\Windows\SYSWOW64\log.txt
2017-10-13 20:15:06 ----D---- C:\Windows\system32\config
2017-10-13 14:05:05 ----D---- C:\Windows\inf
2017-10-13 11:29:01 ----HD---- C:\ProgramData
2017-10-13 11:01:12 ----D---- C:\Install
2017-10-13 11:00:45 ----D---- C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00:21 ----D---- C:\Windows\Panther
2017-10-13 11:00:18 ----D---- C:\Windows\Logs
2017-10-13 11:00:18 ----D---- C:\Windows\debug
2017-10-13 10:48:15 ----RD---- C:\Program Files
2017-10-13 10:35:06 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2017-10-12 19:50:39 ----D---- C:\Windows\Microsoft.NET
2017-10-11 21:57:05 ----D---- C:\Windows\System32
2017-10-11 21:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:50:39 ----D---- C:\Windows\winsxs
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\migration
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-10 20:44:59 ----D---- C:\Windows\SysWOW64
2017-10-10 20:44:59 ----D---- C:\Program Files\Internet Explorer
2017-10-10 20:44:59 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-10 20:44:58 ----D---- C:\Windows\system32\migration
2017-10-10 20:44:58 ----D---- C:\Windows\system32\en-US
2017-10-10 20:44:58 ----D---- C:\Windows\system32\drivers
2017-10-10 20:44:58 ----D---- C:\Windows\system32\cs-CZ
2017-10-10 20:44:56 ----D---- C:\Windows\system32\Boot
2017-10-10 20:44:56 ----D---- C:\Windows\AppPatch
2017-10-10 19:56:49 ----D---- C:\Windows\system32\MRT
2017-10-10 19:53:25 ----AC---- C:\Windows\system32\MRT.exe
2017-10-10 19:53:13 ----SHD---- C:\Windows\Installer
2017-10-10 19:50:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-10 19:46:56 ----SHD---- C:\System Volume Information
2017-10-10 19:21:12 ----D---- C:\Windows\system32\catroot2
2017-10-09 20:32:11 ----D---- C:\Windows\Prefetch
2017-10-08 14:44:55 ----D---- C:\Program Files\KMSpico
2017-10-08 13:23:48 ----D---- C:\Windows\system32\Tasks
2017-10-04 11:43:15 ----D---- C:\Windows\Tasks
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)
2017-09-25 19:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2017-09-20 14:27:38 ----D---- C:\Windows\rescache
2017-09-20 11:53:06 ----RSD---- C:\Windows\assembly
2017-09-14 21:04:32 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2016-03-25 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-03-25 60416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 32296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 39464]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 294952]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 53800]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 154792]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-03-30 264232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2016-03-25 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-03-25 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-03-25 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-03-25 12520]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-06-05 2855152]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-10-03 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-03-25 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-06-04 5132888]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-09-04 867080]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-06-05 212184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-09-04 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2016-03-25 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2017-10-13 20:28:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 412 GB (89%) free of 463 GB
Total RAM: 3767 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:58, on 13.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4672y278
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9615 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\user\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-36.4.22 --annotation=client_session_id=f3830e74-c3f4-4727-8a54-388150b1f173 --annotation=host_int_account1_boot=28315824128 --annotation=machine_id=e7dec311-c751-4b60-b2b7-72119216c0b8 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xc0,0xd0,0xd4,0xcc,0xd8,0x6e475810,0x6e475820,0x6e475830
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:f3830e74-c3f4-4727-8a54-388150b1f173 -target-handle:204 -target-shutdown-event:216 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_4004_NGUYGGBCGJVNSZWL
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\RSIT\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11 231112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11 586528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11 2095920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11 414496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-04-01 558168]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-04-01 349272]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-04-09 206208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]
"ALU"=C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2017-04-21 2379056]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-03 3481912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-13 20:13:54 ----D---- C:\_OTM
2017-10-13 11:30:23 ----A---- C:\Windows\ntbtlog.txt
2017-10-13 11:26:44 ----D---- C:\AdwCleaner
2017-10-13 11:16:55 ----D---- C:\FRST
2017-10-13 10:48:15 ----D---- C:\Program Files\trend micro
2017-10-13 10:47:32 ----D---- C:\RSIT
2017-10-10 19:53:33 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:49:51 ----SHD---- C:\Config.Msi
2017-10-10 19:25:16 ----A---- C:\Windows\system32\mshtml.dll
2017-10-10 19:25:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-10 19:25:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-10 19:25:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-10 19:25:11 ----A---- C:\Windows\system32\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\system32\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-10 19:25:06 ----A---- C:\Windows\system32\win32k.sys
2017-10-10 19:25:06 ----A---- C:\Windows\system32\iertutil.dll
2017-10-10 19:25:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\tquery.dll
2017-10-10 19:25:03 ----A---- C:\Windows\system32\mf.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\Query.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-10 19:25:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-10 19:25:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\wlansec.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24:58 ----A---- C:\Windows\system32\mfps.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\gdi32.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\vbscript.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\ntdll.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\certcli.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\smss.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mssrch.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kernel32.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kerberos.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieui.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64win.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\winsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\srcore.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssph.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\lsass.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\inseng.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\iesetup.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-10 19:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\conhost.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\rstrui.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\icaapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-10 19:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\adtschema.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-04 11:44:38 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)\Dropbox
2017-10-04 11:42:58 ----D---- C:\ProgramData\Dropbox
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\DbxSvc.exe
2017-09-14 21:29:21 ----A---- C:\Windows\system32\shell32.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmcndmgr.dll
2017-09-14 21:29:16 ----A---- C:\Windows\system32\mmc.exe
2017-09-14 21:29:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2017-09-14 21:29:11 ----A---- C:\Windows\system32\localspl.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2017-09-14 21:29:10 ----A---- C:\Windows\SYSWOW64\mmc.exe
2017-09-14 21:29:10 ----A---- C:\Windows\system32\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-09-14 21:29:09 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\Wldap32.dll
2017-09-14 21:29:09 ----A---- C:\Windows\system32\usp10.dll
2017-09-14 21:29:08 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\ntprint.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcshext.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\mmcbase.dll
2017-09-14 21:29:08 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-14 21:29:08 ----A---- C:\Windows\system32\cic.dll
2017-09-14 21:29:07 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2017-09-14 21:29:06 ----A---- C:\Windows\SYSWOW64\cic.dll
2017-09-14 21:29:03 ----A---- C:\Windows\system32\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\shdocvw.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\rpcss.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ntprint.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-14 21:29:02 ----A---- C:\Windows\system32\inetpp.dll
2017-09-14 21:29:02 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\wpnpinst.exe
2017-09-14 21:29:01 ----A---- C:\Windows\system32\winnsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsisvc.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\nsi.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\inetppui.dll
2017-09-14 21:29:01 ----A---- C:\Windows\system32\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-09-14 21:29:00 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-09-14 21:29:00 ----A---- C:\Windows\system32\oleres.dll
======List of files/folders modified in the last 1 month======
2017-10-13 20:28:24 ----D---- C:\Windows\Temp
2017-10-13 20:22:04 ----AD---- C:\Windows
2017-10-13 20:17:04 ----A---- C:\Windows\SYSWOW64\log.txt
2017-10-13 20:15:06 ----D---- C:\Windows\system32\config
2017-10-13 14:05:05 ----D---- C:\Windows\inf
2017-10-13 11:29:01 ----HD---- C:\ProgramData
2017-10-13 11:01:12 ----D---- C:\Install
2017-10-13 11:00:45 ----D---- C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00:21 ----D---- C:\Windows\Panther
2017-10-13 11:00:18 ----D---- C:\Windows\Logs
2017-10-13 11:00:18 ----D---- C:\Windows\debug
2017-10-13 10:48:15 ----RD---- C:\Program Files
2017-10-13 10:35:06 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2017-10-12 19:50:39 ----D---- C:\Windows\Microsoft.NET
2017-10-11 21:57:05 ----D---- C:\Windows\System32
2017-10-11 21:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:50:39 ----D---- C:\Windows\winsxs
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\migration
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-10 20:44:59 ----D---- C:\Windows\SysWOW64
2017-10-10 20:44:59 ----D---- C:\Program Files\Internet Explorer
2017-10-10 20:44:59 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-10 20:44:58 ----D---- C:\Windows\system32\migration
2017-10-10 20:44:58 ----D---- C:\Windows\system32\en-US
2017-10-10 20:44:58 ----D---- C:\Windows\system32\drivers
2017-10-10 20:44:58 ----D---- C:\Windows\system32\cs-CZ
2017-10-10 20:44:56 ----D---- C:\Windows\system32\Boot
2017-10-10 20:44:56 ----D---- C:\Windows\AppPatch
2017-10-10 19:56:49 ----D---- C:\Windows\system32\MRT
2017-10-10 19:53:25 ----AC---- C:\Windows\system32\MRT.exe
2017-10-10 19:53:13 ----SHD---- C:\Windows\Installer
2017-10-10 19:50:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-10 19:46:56 ----SHD---- C:\System Volume Information
2017-10-10 19:21:12 ----D---- C:\Windows\system32\catroot2
2017-10-09 20:32:11 ----D---- C:\Windows\Prefetch
2017-10-08 14:44:55 ----D---- C:\Program Files\KMSpico
2017-10-08 13:23:48 ----D---- C:\Windows\system32\Tasks
2017-10-04 11:43:15 ----D---- C:\Windows\Tasks
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)
2017-09-25 19:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2017-09-20 14:27:38 ----D---- C:\Windows\rescache
2017-09-20 11:53:06 ----RSD---- C:\Windows\assembly
2017-09-14 21:04:32 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2016-03-25 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-03-25 60416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 32296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 39464]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 294952]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 53800]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 154792]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-03-30 264232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2016-03-25 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-03-25 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-03-25 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-03-25 12520]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-06-05 2855152]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-10-03 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-03-25 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-06-04 5132888]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-09-04 867080]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-06-05 212184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-09-04 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2016-03-25 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Aktuálně vytížení RAM na 34% bez čehokoliv spuštěného - bohužel nevím kolik je běžný standard. Ale cca při každém druhém startu se NTB restartuje. Tlačítka myši i touchpadu pořád zlobí, někdy fungují někdy ne (chci např. přesunout ikonu na ploše na jiné místo a nejde to). Ještě jsem si všiml že vůbec nefunguje trojhmat shift+ctrl+esc, jen jakoby na vteřinu se objeví správce úloh a pak hned zmizí, někdy se ani na tu vteřinu neukáže. Posílám aktuální log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2017-10-14 09:29:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 411 GB (89%) free of 463 GB
Total RAM: 3767 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:45, on 14.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4672y278
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9614 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\Explorer.EXE
taskeng.exe {04530109-6F1F-4447-A557-64F209C2238D}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\user\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-36.4.22 --annotation=client_session_id=db88efd8-720e-4737-9be7-29fd14314f1a --annotation=host_int_account1_boot=28315824128 --annotation=machine_id=e7dec311-c751-4b60-b2b7-72119216c0b8 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xc0,0xd0,0xd4,0xcc,0xd8,0x6df45810,0x6df45820,0x6df45830
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:db88efd8-720e-4737-9be7-29fd14314f1a -target-handle:204 -target-shutdown-event:216 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_3580_LOLTQRLYRIDBKNPJ
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11 231112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11 586528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11 2095920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11 414496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-04-01 558168]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-04-01 349272]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-04-09 206208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]
"ALU"=C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2017-04-21 2379056]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-03 3481912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-13 20:13:54 ----D---- C:\_OTM
2017-10-13 11:30:23 ----A---- C:\Windows\ntbtlog.txt
2017-10-13 11:26:44 ----D---- C:\AdwCleaner
2017-10-13 11:16:55 ----D---- C:\FRST
2017-10-13 10:48:15 ----D---- C:\Program Files\trend micro
2017-10-13 10:47:32 ----D---- C:\RSIT
2017-10-10 19:53:33 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:49:51 ----SHD---- C:\Config.Msi
2017-10-10 19:25:16 ----A---- C:\Windows\system32\mshtml.dll
2017-10-10 19:25:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-10 19:25:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-10 19:25:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-10 19:25:11 ----A---- C:\Windows\system32\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\system32\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-10 19:25:06 ----A---- C:\Windows\system32\win32k.sys
2017-10-10 19:25:06 ----A---- C:\Windows\system32\iertutil.dll
2017-10-10 19:25:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\tquery.dll
2017-10-10 19:25:03 ----A---- C:\Windows\system32\mf.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\Query.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-10 19:25:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-10 19:25:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\wlansec.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24:58 ----A---- C:\Windows\system32\mfps.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\gdi32.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\vbscript.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\ntdll.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\certcli.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\smss.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mssrch.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kernel32.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kerberos.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieui.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64win.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\winsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\srcore.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssph.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\lsass.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\inseng.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\iesetup.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-10 19:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\conhost.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\rstrui.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\icaapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-10 19:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\adtschema.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-04 11:44:38 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)\Dropbox
2017-10-04 11:42:58 ----D---- C:\ProgramData\Dropbox
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\DbxSvc.exe
======List of files/folders modified in the last 1 month======
2017-10-14 09:29:44 ----D---- C:\Windows\Temp
2017-10-14 09:25:56 ----A---- C:\Windows\SYSWOW64\log.txt
2017-10-14 09:23:15 ----D---- C:\Windows\system32\config
2017-10-13 20:22:04 ----AD---- C:\Windows
2017-10-13 14:05:05 ----D---- C:\Windows\inf
2017-10-13 11:29:01 ----HD---- C:\ProgramData
2017-10-13 11:01:12 ----D---- C:\Install
2017-10-13 11:00:45 ----D---- C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00:21 ----D---- C:\Windows\Panther
2017-10-13 11:00:18 ----D---- C:\Windows\Logs
2017-10-13 11:00:18 ----D---- C:\Windows\debug
2017-10-13 10:48:15 ----RD---- C:\Program Files
2017-10-13 10:35:06 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2017-10-12 19:50:39 ----D---- C:\Windows\Microsoft.NET
2017-10-11 21:57:05 ----D---- C:\Windows\System32
2017-10-11 21:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:50:39 ----D---- C:\Windows\winsxs
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\migration
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-10 20:44:59 ----D---- C:\Windows\SysWOW64
2017-10-10 20:44:59 ----D---- C:\Program Files\Internet Explorer
2017-10-10 20:44:59 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-10 20:44:58 ----D---- C:\Windows\system32\migration
2017-10-10 20:44:58 ----D---- C:\Windows\system32\en-US
2017-10-10 20:44:58 ----D---- C:\Windows\system32\drivers
2017-10-10 20:44:58 ----D---- C:\Windows\system32\cs-CZ
2017-10-10 20:44:56 ----D---- C:\Windows\system32\Boot
2017-10-10 20:44:56 ----D---- C:\Windows\AppPatch
2017-10-10 19:56:49 ----D---- C:\Windows\system32\MRT
2017-10-10 19:53:25 ----AC---- C:\Windows\system32\MRT.exe
2017-10-10 19:53:13 ----SHD---- C:\Windows\Installer
2017-10-10 19:50:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-10 19:46:56 ----SHD---- C:\System Volume Information
2017-10-10 19:21:12 ----D---- C:\Windows\system32\catroot2
2017-10-09 20:32:11 ----D---- C:\Windows\Prefetch
2017-10-08 14:44:55 ----D---- C:\Program Files\KMSpico
2017-10-08 13:23:48 ----D---- C:\Windows\system32\Tasks
2017-10-04 11:43:15 ----D---- C:\Windows\Tasks
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)
2017-09-25 19:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2017-09-20 14:27:38 ----D---- C:\Windows\rescache
2017-09-20 11:53:06 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2016-03-25 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-03-25 60416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 32296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 39464]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 294952]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 53800]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 154792]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-03-30 264232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2016-03-25 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-03-25 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-03-25 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-03-25 12520]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-06-05 2855152]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-10-03 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-03-25 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-06-04 5132888]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-09-04 867080]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-06-05 212184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-09-04 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2016-03-25 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2017-10-14 09:29:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 411 GB (89%) free of 463 GB
Total RAM: 3767 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:45, on 14.10.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4672y278
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VideoWebCamera] "C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Communications - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9614 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\Explorer.EXE
taskeng.exe {04530109-6F1F-4447-A557-64F209C2238D}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe" -a
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --database=C:\Users\user\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-36.4.22 --annotation=client_session_id=db88efd8-720e-4737-9be7-29fd14314f1a --annotation=host_int_account1_boot=28315824128 --annotation=machine_id=e7dec311-c751-4b60-b2b7-72119216c0b8 --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xc0,0xd0,0xd4,0xcc,0xd8,0x6df45810,0x6df45820,0x6df45830
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:db88efd8-720e-4737-9be7-29fd14314f1a -target-handle:204 -target-shutdown-event:216 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_3580_LOLTQRLYRIDBKNPJ
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\user\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-11 231112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-09-11 586528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-11 2095920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-09-11 414496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2010-04-01 558168]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-04-01 349272]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-04-09 206208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-29 9913376]
"Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2010-03-17 860704]
"ALU"=C:\Program Files\Packard Bell\Packard Bell Updater\ALU.exe [2017-04-21 2379056]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-12-24 284696]
"VideoWebCamera"=C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe [2010-05-03 1480032]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-10-03 3481912]
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-03-31 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-10-13 20:13:54 ----D---- C:\_OTM
2017-10-13 11:30:23 ----A---- C:\Windows\ntbtlog.txt
2017-10-13 11:26:44 ----D---- C:\AdwCleaner
2017-10-13 11:16:55 ----D---- C:\FRST
2017-10-13 10:48:15 ----D---- C:\Program Files\trend micro
2017-10-13 10:47:32 ----D---- C:\RSIT
2017-10-10 19:53:33 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-10 19:49:51 ----SHD---- C:\Config.Msi
2017-10-10 19:25:16 ----A---- C:\Windows\system32\mshtml.dll
2017-10-10 19:25:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-10 19:25:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-10 19:25:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-10 19:25:11 ----A---- C:\Windows\system32\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-10 19:25:09 ----A---- C:\Windows\system32\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-10 19:25:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-10 19:25:06 ----A---- C:\Windows\system32\win32k.sys
2017-10-10 19:25:06 ----A---- C:\Windows\system32\iertutil.dll
2017-10-10 19:25:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-10 19:25:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\urlmon.dll
2017-10-10 19:25:04 ----A---- C:\Windows\system32\tquery.dll
2017-10-10 19:25:03 ----A---- C:\Windows\system32\mf.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\Query.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\jscript.dll
2017-10-10 19:25:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-10 19:25:01 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-10 19:25:01 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-10 19:25:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-10 19:25:00 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\msctf.dll
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-10 19:24:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\wlansec.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\t2embed.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-10 19:24:58 ----A---- C:\Windows\system32\mfps.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-10 19:24:58 ----A---- C:\Windows\system32\gdi32.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\webcheck.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\vbscript.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\themeui.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\ntdll.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-10 19:24:57 ----A---- C:\Windows\system32\certcli.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\smss.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mssrch.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-10 19:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kernel32.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\kerberos.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieui.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-10 19:24:56 ----A---- C:\Windows\system32\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-10 19:24:55 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64win.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wow64.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\winsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\wdigest.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\sspicli.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\srcore.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\schannel.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\occache.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssvp.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssph.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\msrating.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\lsass.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\inseng.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\iesetup.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-10 19:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-10 19:24:55 ----A---- C:\Windows\system32\conhost.exe
2017-10-10 19:24:55 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-10 19:24:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\srclient.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\secur32.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\rstrui.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msshooks.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\msaudite.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\iernonce.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\icaapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-10 19:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\credssp.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\auditpol.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-10 19:24:54 ----A---- C:\Windows\system32\appidapi.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-10 19:24:54 ----A---- C:\Windows\system32\adtschema.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\msobjs.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\mferror.dll
2017-10-10 19:24:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-04 11:44:38 ----D---- C:\Users\user\AppData\Roaming\Dropbox
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)\Dropbox
2017-10-04 11:42:58 ----D---- C:\ProgramData\Dropbox
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2017-10-03 12:21:10 ----A---- C:\Windows\system32\DbxSvc.exe
======List of files/folders modified in the last 1 month======
2017-10-14 09:29:44 ----D---- C:\Windows\Temp
2017-10-14 09:25:56 ----A---- C:\Windows\SYSWOW64\log.txt
2017-10-14 09:23:15 ----D---- C:\Windows\system32\config
2017-10-13 20:22:04 ----AD---- C:\Windows
2017-10-13 14:05:05 ----D---- C:\Windows\inf
2017-10-13 11:29:01 ----HD---- C:\ProgramData
2017-10-13 11:01:12 ----D---- C:\Install
2017-10-13 11:00:45 ----D---- C:\Users\user\AppData\Roaming\TeamViewer
2017-10-13 11:00:21 ----D---- C:\Windows\Panther
2017-10-13 11:00:18 ----D---- C:\Windows\Logs
2017-10-13 11:00:18 ----D---- C:\Windows\debug
2017-10-13 10:48:15 ----RD---- C:\Program Files
2017-10-13 10:35:06 ----SD---- C:\Users\user\AppData\Roaming\Microsoft
2017-10-12 19:50:39 ----D---- C:\Windows\Microsoft.NET
2017-10-11 21:57:05 ----D---- C:\Windows\System32
2017-10-11 21:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-11 21:50:39 ----D---- C:\Windows\winsxs
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\migration
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-10 20:44:59 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-10-10 20:44:59 ----D---- C:\Windows\SysWOW64
2017-10-10 20:44:59 ----D---- C:\Program Files\Internet Explorer
2017-10-10 20:44:59 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-10 20:44:58 ----D---- C:\Windows\system32\migration
2017-10-10 20:44:58 ----D---- C:\Windows\system32\en-US
2017-10-10 20:44:58 ----D---- C:\Windows\system32\drivers
2017-10-10 20:44:58 ----D---- C:\Windows\system32\cs-CZ
2017-10-10 20:44:56 ----D---- C:\Windows\system32\Boot
2017-10-10 20:44:56 ----D---- C:\Windows\AppPatch
2017-10-10 19:56:49 ----D---- C:\Windows\system32\MRT
2017-10-10 19:53:25 ----AC---- C:\Windows\system32\MRT.exe
2017-10-10 19:53:13 ----SHD---- C:\Windows\Installer
2017-10-10 19:50:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-10 19:46:56 ----SHD---- C:\System Volume Information
2017-10-10 19:21:12 ----D---- C:\Windows\system32\catroot2
2017-10-09 20:32:11 ----D---- C:\Windows\Prefetch
2017-10-08 14:44:55 ----D---- C:\Program Files\KMSpico
2017-10-08 13:23:48 ----D---- C:\Windows\system32\Tasks
2017-10-04 11:43:15 ----D---- C:\Windows\Tasks
2017-10-04 11:43:04 ----D---- C:\Program Files (x86)
2017-09-25 19:06:51 ----D---- C:\Program Files (x86)\TeamViewer
2017-09-20 14:27:38 ----D---- C:\Windows\rescache
2017-09-20 11:53:06 ----RSD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2016-03-25 213736]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2016-03-25 60416]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-03-30 32296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-29 2231584]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-03-30 39464]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2010-03-30 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-03-30 294952]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-03-30 202792]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-03-30 53800]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-03-30 154792]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-03-30 264232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2016-03-25 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2016-03-25 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2016-03-25 80384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2016-03-25 12520]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-19 245280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-04-01 34392]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-06-05 2855152]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2017-10-03 51016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2016-03-25 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-03-17 866336]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-06-04 5132888]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2016-06-08 257440]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-04 143144]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2017-09-04 867080]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-09 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-06-05 212184]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-09-04 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2016-03-25 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 15.10.17
Čas skenování: 9:06
Logovací soubor: 5cf66b20-b177-11e7-a345-705ab6fb93fd.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3014
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: PB\user
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 306481
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 44 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 15.10.17
Čas skenování: 9:06
Logovací soubor: 5cf66b20-b177-11e7-a345-705ab6fb93fd.json
Správce: Ano
-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3014
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: PB\user
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 306481
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 44 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
Toto je OK. Který proces zatěžuje systém nejvíce?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Nejvíce používám Google Chrome.
Procesy viz obr. přílohou.
Procesy viz obr. přílohou.
- Přílohy
-
- po_spusteni.jpg (77.72 KiB) Zobrazeno 2446 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: RAM vytížená po startu na cca 40%
Na zkoušku přeinstalujte Dropbox.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
michal.klima
- Návštěvník
- Příspěvky: 10
- Registrován: 13 říj 2017 13:19
Re: RAM vytížená po startu na cca 40%
Pro jistotu jsem Dropbox úplně odinstaloval. Poté restart notebooku.
Opět se NTB restartuje dokola, hned po obrazovce nabízející boot menu a vstup do BIOSu.
Musel jsem dát F8, vybral spustit system Windows obvyklým způsobem (poslední volba dole), pak normálně OS naběhnul.
Aktuálně tedy bez Dropboxu a vytížené RAM na 38%.
Napádá Vás ještě něco? Možná bude jednodušší celý disk smáznout a nainstalovat znovu...
Opět se NTB restartuje dokola, hned po obrazovce nabízející boot menu a vstup do BIOSu.
Musel jsem dát F8, vybral spustit system Windows obvyklým způsobem (poslední volba dole), pak normálně OS naběhnul.
Aktuálně tedy bez Dropboxu a vytížené RAM na 38%.
Napádá Vás ještě něco? Možná bude jednodušší celý disk smáznout a nainstalovat znovu...
Přispějete na provoz fóra?