PC virus removal, computer speed-up, and remote help via the neslape.cz service

Please check my PC


#1 Post by atsok »

Hello,
I would like to ask you to check my PC; here are the logs.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Mara (administrator) on DESKTOP-2SQL7M7 (03-02-2018 15:35:53)
Running from C:\Users\Mara\Downloads
Loaded Profiles: Mara (Available Profiles: Mara)
Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Distromatic) C:\Program Files (x86)\Amazon Browser Settings\updater.exe
(Distromatic) C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(© 2015 Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Distromatic) C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\UNP\UNPCampaignManager.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Distromatic) C:\Program Files (x86)\Amazon Browser Settings\updater.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [BingSvc] => C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-03] (Skype Technologies S.A.)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{12fd5212-26d1-4433-98bb-5a863957f9c8}: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{69d4874f-62b9-4546-9c7c-26375b8b0192}: [DhcpNameServer] 80.87.176.1 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {1A108CC4-3B5A-4DE5-A8F6-AF1078A2E2BE} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {513CF2CE-5C7A-4330-8FF6-1B1854D809BE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {75C0BEDE-59C6-44C4-AC09-32DAB9706C30} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {79856514-7C12-4ECA-A2A8-98614592AAB4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {8A968FAF-DEA1-4314-B820-5DC06FB4AD6B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {B1F19DE6-4A48-4C3C-B7A8-44AC3DC78305} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10301__160902__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {E198FD3B-D854-4E49-9C2D-EE760C9CE4E6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {ECCCB144-17A7-44F6-ABEF-A76885934135} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {F6771896-BEF3-424E-9673-3EAB36DB543E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)

FireFox:
========
FF DefaultProfile: 66h6usma.default
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default [2018-02-03]
FF Homepage: Mozilla\Firefox\Profiles\66h6usma.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\66h6usma.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10301__160902__yaff
FF Extension: (Bing Search) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-08-07] [Legacy]
FF Extension: (NoiaButtons) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaButtons@ArisT2_Noia4dev.xpi [2017-09-14] [Legacy]
FF Extension: (Noia Fox options) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2016-05-17] [Legacy]
FF Extension: (NewScrollbars (aka NoiaScrollbars)) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2017-01-17] [Legacy]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\sko-extension@firma.seznam.cz [2017-11-21]
FF Extension: (Aeon Colors) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}.xpi [2015-10-07] [Legacy] [not signed]
FF Extension: (Open With Opera) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{60ac7b3b-86c0-4bca-8ba2-fb25abb46bef}.xpi [2017-10-07]
FF Extension: (Noia Fox) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-08-21] [Legacy]
FF Extension: (Aeon Jumbo) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{C8E400E3-44BC-4e78-8C17-8C48E74C67F4}.xpi [2015-10-07] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-31]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-21]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Extension: (Firefox 2, the theme, reloaded) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi [2017-10-23] [Legacy]
FF Extension: (Disable Crash Auto Submit) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\features\{4a8941cc-5f5f-4c51-b274-b8af61e63a00}\disable-crash-autosubmit@mozilla.org.xpi [2018-01-31] [Legacy]
FF SearchPlugin: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\searchplugins\yahoo-lavasoft.xml [2017-09-25]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-09-02] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2017-12-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2017-12-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2018-02-03]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-15]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-15]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-18]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-11-21]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-11-21]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-18]
CHR Extension: (Bing) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-11-21]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-08]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-11-21]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-03]
CHR HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-02-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-02-01] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-03 15:35 - 2018-02-03 15:37 - 000020158 _____ C:\Users\Mara\Downloads\FRST.txt
2018-02-03 15:35 - 2018-02-03 15:35 - 000000000 ____D C:\FRST
2018-02-03 15:34 - 2018-02-03 15:35 - 002393088 _____ (Farbar) C:\Users\Mara\Downloads\FRST64.exe
2018-02-03 15:23 - 2018-02-03 15:23 - 000000000 ___HD C:\OneDriveTemp
2018-02-03 14:20 - 2018-02-03 14:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-31 05:29 - 2018-01-01 07:03 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-31 05:29 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-01-31 05:29 - 2018-01-01 03:26 - 000107416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-31 05:29 - 2018-01-01 03:25 - 001065608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-31 05:29 - 2018-01-01 03:25 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 008345496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 001188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 000102808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 000052632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-01-31 05:29 - 2018-01-01 03:23 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-31 05:29 - 2018-01-01 03:22 - 001194784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 000119704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-01-31 05:29 - 2018-01-01 03:21 - 000587160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-31 05:29 - 2018-01-01 03:20 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000730008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000164760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-01-31 05:29 - 2018-01-01 03:18 - 000110600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-01-31 05:29 - 2018-01-01 03:18 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 001107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-31 05:29 - 2018-01-01 03:15 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-31 05:29 - 2018-01-01 03:15 - 000083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-31 05:29 - 2018-01-01 03:14 - 000159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-31 05:29 - 2018-01-01 03:09 - 000142744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-31 05:29 - 2018-01-01 03:09 - 000070224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-01-31 05:29 - 2018-01-01 03:08 - 001325960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-31 05:29 - 2018-01-01 03:07 - 000583688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-01-31 05:29 - 2018-01-01 03:03 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-31 05:29 - 2018-01-01 03:03 - 000311704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-31 05:29 - 2018-01-01 02:52 - 023680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-31 05:29 - 2018-01-01 02:52 - 000195768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-31 05:29 - 2018-01-01 02:50 - 000787704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-31 05:29 - 2018-01-01 02:49 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 005828768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 001998416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000433888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-01-31 05:29 - 2018-01-01 02:46 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-31 05:29 - 2018-01-01 02:46 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-01-31 05:29 - 2018-01-01 02:45 - 020374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-31 05:29 - 2018-01-01 02:45 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-31 05:29 - 2018-01-01 02:43 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-31 05:29 - 2018-01-01 02:42 - 000480912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-31 05:29 - 2018-01-01 02:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-01-31 05:29 - 2018-01-01 02:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-01-31 05:29 - 2018-01-01 02:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-01-31 05:29 - 2018-01-01 02:40 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2018-01-31 05:29 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-31 05:29 - 2018-01-01 02:40 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-01-31 05:29 - 2018-01-01 02:40 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-01-31 05:29 - 2018-01-01 02:40 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-01-31 05:29 - 2018-01-01 02:39 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-31 05:29 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-31 05:29 - 2018-01-01 02:39 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-01-31 05:29 - 2018-01-01 02:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-01-31 05:29 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-31 05:29 - 2018-01-01 02:38 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 023683072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-31 05:29 - 2018-01-01 02:37 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-31 05:29 - 2018-01-01 02:37 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-31 05:29 - 2018-01-01 02:37 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-01-31 05:29 - 2018-01-01 02:34 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ssdpapi.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-31 05:29 - 2018-01-01 02:32 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-31 05:29 - 2018-01-01 02:32 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-01-31 05:29 - 2018-01-01 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3dlg.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-01-31 05:29 - 2018-01-01 02:31 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-31 05:29 - 2018-01-01 02:31 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 020514304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 004719104 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-01-31 05:29 - 2018-01-01 02:30 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 006249472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 005964288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-31 05:29 - 2018-01-01 02:26 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-01-31 05:29 - 2018-01-01 02:26 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-01-31 05:29 - 2018-01-01 02:25 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-31 05:29 - 2018-01-01 02:24 - 003651072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-01-31 05:29 - 2018-01-01 02:23 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-31 05:29 - 2018-01-01 02:23 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-01-31 05:29 - 2018-01-01 02:22 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-01-31 05:29 - 2018-01-01 02:21 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-01-31 05:29 - 2018-01-01 02:21 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2018-01-31 05:29 - 2018-01-01 02:20 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-01-31 05:29 - 2018-01-01 02:20 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2018-01-31 05:29 - 2018-01-01 02:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-01-31 05:29 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2018-01-31 05:29 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-01-31 05:29 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:29 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-01-31 05:29 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-01-31 05:29 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-01-31 05:29 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-01-31 05:29 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-01-31 05:29 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-01-31 05:29 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-01-31 05:29 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-01-31 05:29 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-01-31 05:29 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-01-31 05:29 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-01-31 05:29 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-01-31 05:29 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-31 05:29 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-01-31 05:29 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-31 05:29 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 001021336 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000544152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000382864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000264536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-01-31 05:28 - 2018-01-01 03:27 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000020376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-01-31 05:28 - 2018-01-01 03:24 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-31 05:28 - 2018-01-01 03:24 - 000105880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-01-31 05:28 - 2018-01-01 03:24 - 000033688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-01-31 05:28 - 2018-01-01 03:23 - 000386456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-31 05:28 - 2018-01-01 03:22 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-31 05:28 - 2018-01-01 03:21 - 000328616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-31 05:28 - 2018-01-01 03:21 - 000063896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-31 05:28 - 2018-01-01 03:20 - 007319912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 000524760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-31 05:28 - 2018-01-01 03:19 - 002466392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000282520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000247472 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000118680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000082328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000054168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000018672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 021354736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-31 05:28 - 2018-01-01 03:18 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-01-31 05:28 - 2018-01-01 03:18 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-01-31 05:28 - 2018-01-01 03:18 - 000316240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 000175800 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-01-31 05:28 - 2018-01-01 03:17 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2018-01-31 05:28 - 2018-01-01 03:15 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-31 05:28 - 2018-01-01 03:10 - 000100800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-01-31 05:28 - 2018-01-01 03:09 - 000434072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-31 05:28 - 2018-01-01 03:09 - 000114584 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-31 05:28 - 2018-01-01 02:44 - 000411184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-01-31 05:28 - 2018-01-01 02:43 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-31 05:28 - 2018-01-01 02:42 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\container_xml.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-01-31 05:28 - 2018-01-01 02:40 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-01-31 05:28 - 2018-01-01 02:39 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-01-31 05:28 - 2018-01-01 02:39 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-01-31 05:28 - 2018-01-01 02:39 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-01-31 05:28 - 2018-01-01 02:39 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-01-31 05:28 - 2018-01-01 02:38 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-01-31 05:28 - 2018-01-01 02:38 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-01-31 05:28 - 2018-01-01 02:38 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-01-31 05:28 - 2018-01-01 02:38 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-01-31 05:28 - 2018-01-01 02:35 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-01-31 05:28 - 2018-01-01 02:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-01-31 05:28 - 2018-01-01 02:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-01-31 05:28 - 2018-01-01 02:33 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-01-31 05:28 - 2018-01-01 02:33 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-01-31 05:28 - 2018-01-01 02:32 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 007339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-31 05:28 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 002426368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-01-31 05:28 - 2018-01-01 02:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-31 05:28 - 2018-01-01 02:26 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-31 05:28 - 2018-01-01 02:26 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-01-31 05:28 - 2018-01-01 02:24 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-31 05:28 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-01-31 05:28 - 2018-01-01 02:18 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-01-31 05:28 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:28 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-01-31 05:28 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-01-31 05:28 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-01-31 05:28 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-01-31 05:28 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-01-31 05:28 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-01-31 05:28 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-01-31 05:28 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-01-31 05:28 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-31 05:28 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-01-31 05:28 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-31 05:28 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-01-31 05:28 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-01-31 05:28 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-01-31 05:28 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-01-31 05:28 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-01-31 05:28 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-01-31 05:28 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-01-31 05:12 - 2018-01-31 05:14 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-30 15:28 - 2018-02-01 12:21 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-03 15:38 - 2017-02-14 23:36 - 000010476 _____ C:\Users\Mara\AppData\Local\FSDownloader.err
2018-02-03 15:38 - 2017-02-14 23:29 - 000001088 _____ C:\Users\Mara\AppData\Local\FSDownloader.nast
2018-02-03 15:35 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-03 15:33 - 2017-08-04 12:52 - 000004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28B4EFD2-6DFB-4745-9634-36A22BCC91BB}
2018-02-03 15:27 - 2017-08-04 12:49 - 002284608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-03 15:27 - 2017-03-20 05:43 - 001019542 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-03 15:27 - 2017-03-20 05:43 - 000235512 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-03 15:27 - 2016-12-11 19:33 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2018-02-03 15:27 - 2016-10-06 13:49 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Seznam.cz
2018-02-03 15:27 - 2016-07-18 15:29 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Mozilla
2018-02-03 15:26 - 2017-05-09 09:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-03 15:26 - 2016-07-18 15:29 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-03 15:26 - 2016-07-18 15:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-03 15:25 - 2016-08-07 19:37 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Skype
2018-02-03 15:24 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-03 15:23 - 2016-07-18 14:34 - 000000000 ___RD C:\Users\Mara\OneDrive
2018-02-03 14:21 - 2017-08-04 12:34 - 000000000 ____D C:\Users\Mara
2018-02-02 10:48 - 2017-08-04 12:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-02 10:48 - 2017-08-04 12:29 - 000307776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-02 10:47 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-02 10:42 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-02 10:36 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-02 10:35 - 2017-06-14 00:18 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-02-02 10:35 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-02 10:34 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-02 10:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-01 18:44 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-01 18:44 - 2016-07-18 18:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-01 18:40 - 2017-10-12 09:26 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-01 18:40 - 2016-07-18 18:41 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-31 05:17 - 2017-08-01 13:07 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-30 15:26 - 2016-07-18 17:56 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-30 15:23 - 2017-08-04 12:52 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-772858087-439378103-3593226653-1001
2018-01-30 15:23 - 2016-07-18 14:34 - 000002384 _____ C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-02-14 23:36 - 2018-02-03 15:38 - 000010476 _____ () C:\Users\Mara\AppData\Local\FSDownloader.err
2017-02-14 23:29 - 2018-02-03 15:38 - 000001088 _____ () C:\Users\Mara\AppData\Local\FSDownloader.nast
2016-10-06 13:39 - 2016-10-06 13:39 - 000032038 _____ () C:\Users\Mara\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

Some files in TEMP:
====================
2017-12-13 12:03 - 2017-12-13 12:04 - 058818504 _____ (Skype Technologies S.A.) C:\Users\Mara\AppData\Local\Temp\SkypeSetup.exe
2017-11-21 09:07 - 2017-12-15 14:27 - 000534528 _____ () C:\Users\Mara\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-21 11:08

==================== End of FRST.txt ============================

Thank you

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#2 Post by atsok »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mara at 2018-02-03 15:44:35
Microsoft Windows 10 Home
System drive C: has 94 GB (39%) free of 237 GB
Total RAM: 3839 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:44:47, on 03.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0850)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\Program Files\trend micro\Mara.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: The Amazon Assistant for Internet Explorer - {0ddcea2a-7b00-4349-8acb-af7ba6da251f} - mscoree.dll (file missing)
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: PDF Architect 4 Helper - {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlall.htm
O8 - Extra context menu item: Download selected with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlselected.htm
O8 - Extra context menu item: Download with FDM - file://C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Amazon Assistant Service - Unknown owner - C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PDF Architect 4 - pdfforge GmbH - C:\Program Files\PDF Architect 4\ws.exe
O23 - Service: PDF Architect 4 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 4\crash-handler-ws.exe
O23 - Service: PDF Architect 4 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 4\creator-ws.exe
O23 - Service: PDF Architect 4 Manager - © pdfforge GmbH. - C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10080 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TabletInputService
"C:\WINDOWS\system32\nvvsvc.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Themes
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
"C:\Program Files\PDF Architect 4\creator-ws.exe"
"C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"


c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc

c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
dashost.exe {8fb64d7c-7fb5-4c78-875ed3c37a3ef2ae}

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs

c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe -Embedding
C:\PROGRA~1\TrueKey\MCAFEE~2.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
/QuitInfo:000000000000020C;0000000000000210;
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
/loadhooks /Parent:0000000000000ab4
C:\Windows\System32\smartscreen.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"mshta.exe" "C:\Program Files (x86)\Amazon\Amazon Assistant\aa.hta"
"C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
szndesktop.exe default start
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\compattelrunner.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:PhCFyxborUGAO5AA.1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files\CCleaner\CCleaner64.exe"
C:\WINDOWS\System32\svchost.exe -k smphost
C:\WINDOWS\system32\AUDIODG.EXE 0x4d0
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.0.1331484347\1068104787" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\Mara\AppData\LocalLow\Mozilla\Temp-{121a4520-32a3-42f0-b985-f0a2d22445e0}" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.1.285629159\1890296922" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:0|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|11:1|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{121a4520-32a3-42f0-b985-f0a2d22445e0}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.13.1574819477\1205459538" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:0|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|11:1|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{121a4520-32a3-42f0-b985-f0a2d22445e0}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.20.521117663\190434772" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:0|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|11:1|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{121a4520-32a3-42f0-b985-f0a2d22445e0}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.27.1053597175\1219937928" -childID 4 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:0|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|11:1|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{121a4520-32a3-42f0-b985-f0a2d22445e0}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4952.34.2064595762\419425015" -childID 5 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:0|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|11:1|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:0|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{121a4520-32a3-42f0-b985-f0a2d22445e0}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4952 "\\.\pipe\gecko-crash-server-pipe.4952" tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-772858087-439378103-3593226653-10016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-772858087-439378103-3593226653-10016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\SysWOW64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-772858087-439378103-3593226653-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-772858087-439378103-3593226653-10017 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 696 700 708 8192 704
"C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe" -ServerName:SecHealthUI.AppXep4x2tbtjws1v9qqs0rmb3hxykvkpqtn.mca
notepad "C:\Users\Mara\Downloads\FRST.txt"
C:\WINDOWS\system32\DllHost.exe /Processid:{7E55A26D-EF95-4A45-9F55-21E52ADF9887}
notepad "C:\Users\Mara\Downloads\Addition.txt"
"C:\Users\Mara\Downloads\RSITx64.exe"
"c:\windows\system32\\svchost.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"pdf_architect_4_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension\


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\PDF Architect 4]
"Description"=
"Path"=C:\Program Files (x86)\PDF Architect 4\np-previewer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll


C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\extensions\
sko-extension@firma.seznam.cz
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\searchplugins\
yahoo-lavasoft.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}]
Amazon Assistant - C:\WINDOWS\system32\mscoree.dll [2017-03-18 374784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}]
Amazon Assistant - C:\WINDOWS\system32\mscoree.dll [2017-03-18 374784]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8}]
PDF Architect 4 Helper - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - PDF Architect 4 Toolbar - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05 547040]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-11-19 1802424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-30 1554080]
"BingSvc"=C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []
"cz.seznam.software.autoupdate"=C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-05-03 27716568]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-03 15:44:35 ----D---- C:\rsit
2018-02-03 15:44:35 ----D---- C:\Program Files\trend micro
2018-02-03 15:35:42 ----D---- C:\FRST
2018-02-03 15:23:58 ----HD---- C:\OneDriveTemp
2018-02-03 14:20:28 ----D---- C:\WINDOWS\system32\drivers\wd
2018-02-01 12:21:43 ----SHD---- C:\Config.Msi
2018-01-31 05:29:56 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-01-31 05:29:56 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-01-31 05:29:56 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-01-31 05:29:56 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-01-31 05:29:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-01-31 05:29:55 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-01-31 05:29:55 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2018-01-31 05:29:55 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-01-31 05:29:54 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2018-01-31 05:29:53 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-01-31 05:29:53 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-01-31 05:29:53 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-01-31 05:29:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:29:52 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2018-01-31 05:29:52 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-01-31 05:29:51 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-01-31 05:29:47 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2018-01-31 05:29:47 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-01-31 05:29:47 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-01-31 05:29:47 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-01-31 05:29:46 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-01-31 05:29:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-01-31 05:29:46 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-01-31 05:29:46 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-01-31 05:29:46 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:29:45 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\ssdpapi.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\scrobj.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-01-31 05:29:44 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\wwapi.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\wshhyperv.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\SYSWOW64\cscript.exe
2018-01-31 05:29:43 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2018-01-31 05:29:43 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\wscript.exe
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\itss.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\dot3dlg.dll
2018-01-31 05:29:42 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\wmiprop.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\rdvvmtransport.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\fdPnp.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-01-31 05:29:41 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-01-31 05:29:41 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2018-01-31 05:29:41 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-01-31 05:29:41 ----A---- C:\WINDOWS\system32\drivers\rdpbus.sys
2018-01-31 05:29:41 ----A---- C:\WINDOWS\system32\drivers\dmvsc.sys
2018-01-31 05:29:40 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-01-31 05:29:40 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2018-01-31 05:29:40 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2018-01-31 05:29:40 ----A---- C:\WINDOWS\SYSWOW64\fdWNet.dll
2018-01-31 05:29:39 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-01-31 05:29:39 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-01-31 05:29:38 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-01-31 05:29:38 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2018-01-31 05:29:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-01-31 05:29:38 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-01-31 05:29:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\utcutil.dll
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-01-31 05:29:37 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-01-31 05:29:36 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-01-31 05:29:35 ----A---- C:\WINDOWS\system32\SessEnv.dll
2018-01-31 05:29:35 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-31 05:29:35 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2018-01-31 05:29:34 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2018-01-31 05:29:33 ----A---- C:\WINDOWS\system32\OOBEUpdater.exe
2018-01-31 05:29:31 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-01-31 05:29:30 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-31 05:29:30 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2018-01-31 05:29:30 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-01-31 05:29:29 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-01-31 05:29:29 ----A---- C:\WINDOWS\system32\ieui.dll
2018-01-31 05:29:27 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-01-31 05:29:27 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2018-01-31 05:29:26 ----A---- C:\WINDOWS\system32\offreg.dll
2018-01-31 05:29:25 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-01-31 05:29:25 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-01-31 05:29:25 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-01-31 05:29:25 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\msvcp110_win.dll
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2018-01-31 05:29:24 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-01-31 05:29:23 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-01-31 05:29:23 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-01-31 05:29:23 ----A---- C:\WINDOWS\system32\P2P.dll
2018-01-31 05:29:22 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-01-31 05:29:22 ----A---- C:\WINDOWS\system32\ncbservice.dll
2018-01-31 05:29:22 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2018-01-31 05:29:22 ----A---- C:\WINDOWS\splwow64.exe
2018-01-31 05:29:21 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-01-31 05:29:21 ----A---- C:\WINDOWS\system32\nsisvc.dll
2018-01-31 05:29:21 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-01-31 05:29:21 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-01-31 05:29:20 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-01-31 05:29:20 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-01-31 05:29:18 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-01-31 05:29:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-01-31 05:29:17 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-01-31 05:29:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-01-31 05:29:16 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-01-31 05:29:15 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2018-01-31 05:29:15 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-01-31 05:29:15 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-01-31 05:29:15 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-01-31 05:29:14 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-01-31 05:29:13 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-01-31 05:29:13 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-01-31 05:29:13 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-01-31 05:29:13 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-01-31 05:29:13 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-01-31 05:29:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-01-31 05:29:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-01-31 05:29:12 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-01-31 05:29:11 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-01-31 05:29:11 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-01-31 05:29:11 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-01-31 05:29:11 ----A---- C:\WINDOWS\system32\hal.dll
2018-01-31 05:29:11 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-01-31 05:29:10 ----A---- C:\WINDOWS\system32\jscript.dll
2018-01-31 05:29:10 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-01-31 05:29:10 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-01-31 05:29:10 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-01-31 05:29:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-01-31 05:29:09 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-01-31 05:29:08 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-31 05:29:08 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-01-31 05:29:08 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-01-31 05:29:07 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-01-31 05:29:07 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-01-31 05:29:06 ----A---- C:\WINDOWS\system32\wscsvc.dll
2018-01-31 05:29:06 ----A---- C:\WINDOWS\system32\ole32.dll
2018-01-31 05:29:06 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-01-31 05:29:05 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-01-31 05:29:05 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-01-31 05:29:05 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-01-31 05:29:04 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-01-31 05:29:04 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-01-31 05:29:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-01-31 05:29:02 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-01-31 05:29:02 ----A---- C:\WINDOWS\system32\winresume.exe
2018-01-31 05:29:01 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-01-31 05:29:01 ----A---- C:\WINDOWS\system32\winload.exe
2018-01-31 05:28:59 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-31 05:28:57 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-01-31 05:28:57 ----A---- C:\WINDOWS\system32\wc_storage.dll
2018-01-31 05:28:57 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-01-31 05:28:56 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-01-31 05:28:54 ----A---- C:\WINDOWS\SYSWOW64\msvcp110_win.dll
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\drivers\vdrvroot.sys
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2018-01-31 05:28:54 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\system32\xolehlp.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\system32\licmgr10.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\system32\itss.dll
2018-01-31 05:28:53 ----A---- C:\WINDOWS\system32\dot3dlg.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\occache.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\inseng.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\iesysprep.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\hlink.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2018-01-31 05:28:52 ----A---- C:\WINDOWS\system32\dot3svc.dll
2018-01-31 05:28:51 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2018-01-31 05:28:51 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-01-31 05:28:51 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-01-31 05:28:51 ----A---- C:\WINDOWS\system32\pngfilt.dll
2018-01-31 05:28:51 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-01-31 05:28:51 ----A---- C:\WINDOWS\system32\adhsvc.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\wextract.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\mshta.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\iexpress.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys
2018-01-31 05:28:50 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2018-01-31 05:28:49 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2018-01-31 05:28:49 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\url.dll
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\drivers\null.sys
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-01-31 05:28:49 ----A---- C:\WINDOWS\system32\container.dll
2018-01-31 05:28:48 ----A---- C:\WINDOWS\SYSWOW64\perfhost.exe
2018-01-31 05:28:48 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:28:48 ----A---- C:\WINDOWS\system32\msrating.dll
2018-01-31 05:28:48 ----A---- C:\WINDOWS\system32\httpprxm.dll
2018-01-31 05:28:48 ----A---- C:\WINDOWS\system32\container_xml.dll
2018-01-31 05:28:47 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2018-01-31 05:28:46 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-31 05:28:46 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-01-31 05:28:44 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-01-31 05:28:44 ----A---- C:\WINDOWS\system32\msIso.dll
2018-01-31 05:28:43 ----A---- C:\WINDOWS\system32\wininet.dll
2018-01-31 05:28:43 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-01-31 05:28:43 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-01-31 05:28:43 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-01-31 05:28:42 ----A---- C:\WINDOWS\system32\hvloader.exe
2018-01-31 05:28:42 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-01-31 05:28:41 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-01-31 05:28:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-01-31 05:28:40 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-01-31 05:28:40 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-01-31 05:28:40 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-01-31 05:28:40 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-31 05:28:39 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-01-31 05:28:39 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2018-01-31 05:28:39 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-01-31 05:28:39 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-01-31 05:28:38 ----A---- C:\WINDOWS\system32\srvsvc.dll
2018-01-31 05:28:38 ----A---- C:\WINDOWS\system32\shell32.dll
2018-01-31 05:28:38 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-01-31 05:28:35 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-01-31 05:28:34 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:28:34 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-31 05:28:34 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-01-31 05:28:34 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-01-31 05:28:33 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\invagent.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\devinv.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\certprop.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\aepic.dll
2018-01-31 05:28:32 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-01-31 05:28:31 ----A---- C:\WINDOWS\system32\aadtb.dll
2018-01-31 05:28:30 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-01-31 05:28:30 ----A---- C:\WINDOWS\system32\usocore.dll
2018-01-31 05:28:30 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-01-31 05:28:30 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-01-31 05:28:29 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-01-31 05:28:29 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-01-31 05:28:29 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2018-01-31 05:28:28 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-31 05:28:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-01-31 05:28:28 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-01-31 05:28:28 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-01-31 05:28:28 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-01-31 05:28:27 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-01-31 05:28:27 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-01-31 05:28:26 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-01-31 05:28:26 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-01-31 05:28:26 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-01-31 05:28:26 ----A---- C:\WINDOWS\system32\efssvc.dll
2018-01-31 05:28:26 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\wow64.dll
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\skci.dll
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-01-31 05:28:25 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-31 05:28:24 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-01-31 05:28:24 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-01-31 05:28:24 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-01-31 05:28:24 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-01-31 05:28:24 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\cscript.exe
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\consent.exe
2018-01-31 05:28:22 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\wwapi.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\wshhyperv.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\LsaIso.exe
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\logoncli.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\IumSdk.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\iumdll.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\iumbase.dll
2018-01-31 05:28:21 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-01-31 05:28:20 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-01-31 05:28:20 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-01-31 05:28:20 ----A---- C:\WINDOWS\system32\scrobj.dll
2018-01-31 05:28:20 ----A---- C:\WINDOWS\system32\icsvcext.dll
2018-01-31 05:28:20 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\wscript.exe
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-01-31 05:28:19 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\wmiprop.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\jsproxy.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\icsvc.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\fdPnp.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\efslsaext.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\drivers\lltdio.sys
2018-01-31 05:28:18 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\tzres.dll
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\vms3cap.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\vmgencounter.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\VMBusHID.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\hyperkbd.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\gpuenergydrv.sys
2018-01-31 05:28:17 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\wkssvc.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\vmictimeprovider.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\sysntfy.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\nrpsrv.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\keyiso.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\fdWNet.dll
2018-01-31 05:28:16 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2018-01-31 05:12:36 ----HD---- C:\$WINDOWS.~BT
2018-01-30 15:28:17 ----D---- C:\Program Files\rempl

======List of files/folders modified in the last 1 month======

2018-02-03 15:44:42 ----D---- C:\WINDOWS\Prefetch
2018-02-03 15:44:35 ----RD---- C:\Program Files
2018-02-03 15:44:31 ----D---- C:\WINDOWS\Temp
2018-02-03 15:43:14 ----D---- C:\WINDOWS\INF
2018-02-03 15:42:29 ----D---- C:\Windows
2018-02-03 15:40:30 ----D---- C:\WINDOWS\LiveKernelReports
2018-02-03 15:40:30 ----D---- C:\WINDOWS\debug
2018-02-03 15:27:56 ----D---- C:\Users\Mara\AppData\Roaming\Mozilla
2018-02-03 15:27:48 ----D---- C:\Users\Mara\AppData\Roaming\Seznam.cz
2018-02-03 15:27:43 ----D---- C:\WINDOWS\System32
2018-02-03 15:27:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-03 15:26:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-03 15:26:01 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-02-03 15:25:10 ----D---- C:\Users\Mara\AppData\Roaming\Skype
2018-02-03 15:24:54 ----D---- C:\WINDOWS\AppReadiness
2018-02-03 14:21:44 ----D---- C:\WINDOWS\system32\config
2018-02-03 14:20:28 ----D---- C:\WINDOWS\system32\drivers
2018-02-02 10:48:40 ----D---- C:\WINDOWS\system32\sru
2018-02-02 10:47:47 ----HD---- C:\Program Files\WindowsApps
2018-02-02 10:39:39 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-02 10:39:38 ----D---- C:\WINDOWS\WinSxS
2018-02-02 10:36:04 ----D---- C:\WINDOWS\system32\catroot2
2018-02-02 10:35:03 ----SD---- C:\WINDOWS\UpdateAssistantV2
2018-02-02 10:35:03 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-02-02 10:35:03 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-02 10:35:03 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-02-02 10:35:03 ----D---- C:\WINDOWS\SysWOW64
2018-02-02 10:34:58 ----SD---- C:\WINDOWS\system32\F12
2018-02-02 10:34:58 ----D---- C:\WINDOWS\system32\wbem
2018-02-02 10:34:58 ----D---- C:\WINDOWS\system32\oobe
2018-02-02 10:34:58 ----D---- C:\WINDOWS\system32\migration
2018-02-02 10:34:58 ----D---- C:\WINDOWS\system32\cs-CZ
2018-02-02 10:34:58 ----D---- C:\WINDOWS\system32\Boot
2018-02-02 10:34:54 ----D---- C:\WINDOWS\AppPatch
2018-02-02 10:34:54 ----D---- C:\Program Files (x86)\Windows Media Player
2018-02-02 10:34:54 ----D---- C:\Program Files (x86)\Internet Explorer
2018-02-02 10:34:53 ----D---- C:\Program Files\Windows Media Player
2018-02-02 10:34:53 ----D---- C:\Program Files\Internet Explorer
2018-02-02 10:34:48 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-01 18:44:15 ----D---- C:\WINDOWS\CbsTemp
2018-02-01 18:44:05 ----D---- C:\WINDOWS\system32\MRT
2018-02-01 18:40:11 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-01 18:40:01 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-01 12:22:03 ----SHD---- C:\WINDOWS\Installer
2018-01-31 05:17:36 ----DC---- C:\WINDOWS\Panther
2018-01-30 15:27:55 ----SHD---- C:\System Volume Information
2018-01-30 15:26:24 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-01-30 15:23:34 ----D---- C:\WINDOWS\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-01-01 8192]
R1 MpKsl3066af8a;MpKsl3066af8a; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B173AB8-813C-47E7-999A-12D067EA2041}\MpKsl3066af8a.sys [2018-02-03 58120]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2018-01-01 79872]
R3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-03-18 604160]
R3 rtl8192se;@net8192se64.inf,%RTL8192se.Service.DispName%;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\WINDOWS\System32\drivers\rtl8192se.sys [2017-03-18 1222656]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-01-01 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-01-01 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2017-09-05 104960]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2017-03-18 179200]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-07-28 51712]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2017-03-18 45568]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2017-03-18 263584]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-03-18 98712]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-03-18 138656]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2017-03-18 59288]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2017-03-18 29600]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-03-18 28064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Amazon Assistant Service;Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [2017-10-04 105136]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_6c4a4;Uživatelská služba platformy připojených zařízení_6c4a4; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_6c4a4;Hostitel synchronizace_6c4a4; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [2016-08-05 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-05-18 972056]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-06-26 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-06-26 16928]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_6c4a4;Data kontaktů_6c4a4; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 UnistoreSvc_6c4a4;Úložiště uživatelských dat_6c4a4; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-04-05 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-15 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_6c4a4;Tok zařízení_6c4a4; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_6c4a4;Služba zasílání zpráv_6c4a4; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-03 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-08-05 1038048]
S3 PDF Architect 4;PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2016-08-05 2438880]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-06-26 87760]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#3 Post by atsok »

aaved.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-09-27 01:41 - 000000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-772858087-439378103-3593226653-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.87.176.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{32600710-01F4-4F3A-948F-58F97214A1D9}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{3592EF95-0276-42A0-8BC8-BEFFA2F837F6}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{8D21B692-9FFD-4ABC-8839-6340242DD851}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{AA09E17F-ED31-4718-A96A-7FD0C91A04BE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{C4BC0AE1-8B57-4220-877E-BF131C768DF7}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3C591F40-3D3F-4B52-A4FC-437FCB0F50CE}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{18EFED41-8CED-474E-AABA-B5A8B7081223}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{7A73FD75-91ED-4395-AFC4-841F72A500BC}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{65652E13-8B2B-472D-9592-F5A662E63497}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B54E80CF-F319-471F-A77A-3D5BD5EBFA7E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B712854A-CD3E-41BC-95B2-9A8A0F185EC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C47149D-2C7E-4EC5-835C-D1C21DD0327F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B8BEFC1-8510-40AD-BC62-EBA0C484D9B2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{03E5D9B4-DCD6-4177-806A-A6796FFA62A4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C26CAA7F-A18F-4925-B617-89F801637DDB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{5B4F75CC-DFB6-4F54-B89D-92A7A0884316}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{C6E725C8-A25B-4187-9AC3-324B8ED45E2F}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{0276FB3C-76C2-420E-B140-2C10E6C4672A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

01-11-2017 16:42:16 Naplánovaný kontrolní bod
10-11-2017 18:01:30 Naplánovaný kontrolní bod
21-11-2017 10:37:47 Windows Update
21-11-2017 10:38:57 Windows Update
30-01-2018 15:27:07 Windows Update

==================== Faulty Device Manager Devices =============

Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2018 06:31:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147009280. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/01/2018 06:09:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/31/2018 12:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-2SQL7M7)
Description: Balíček Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (01/31/2018 05:14:49 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (01/31/2018 05:14:46 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (01/31/2018 04:37:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2018 02:01:16 PM) (Source: Microsoft Office 12) (EventID: 2000) (User: )
Description: Accepted Safe Mode action : Microsoft Office Outlook.

Error: (01/16/2018 02:01:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program OUTLOOK.EXE verze 12.0.4518.1014 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1b3c

Čas spuštění: 01d375ac2732ed18

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

ID hlášení: bc4cc987-224a-4398-83c7-e7f0215dea79

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (12/15/2017 02:28:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/15/2017 02:28:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-2SQL7M7)
Description: Aplikace Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App se nespustila ve stanovenou dobu.


System errors:
=============
Error: (02/03/2018 03:25:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (02/02/2018 10:48:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (02/02/2018 10:48:28 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (02/02/2018 10:48:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:38:01, ‎02.‎02.‎2018) bylo neočekávané.

Error: (02/02/2018 10:37:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (02/02/2018 10:37:52 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (02/02/2018 10:35:59 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (02/02/2018 10:34:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/02/2018 10:27:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (02/02/2018 10:27:29 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.


CodeIntegrity:
===================================
Date: 2018-02-01 12:19:32.490
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-02-01 12:19:32.486
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-23 12:52:51.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-11-21 11:09:08.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-12 18:01:45.417
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-12 10:37:36.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:21:06.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:12:10.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:12:10.295
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:09:37.062
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 73%
Total physical RAM: 3839.23 MB
Available physical RAM: 1023.88 MB
Total Virtual: 6015.23 MB
Available Virtual: 2532.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.51 GB) (Free:91.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 6697A7D7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)

==================== End of Addition.txt ============================



DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.850 BrowserJavaVersion: 11.121.2
Run by Mara at 15:46:08 on 2018-02-03
Microsoft Windows 10 Home 10.0.15063.0.1250.420.1029.18.3839.1109 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TabletInputService
C:\WINDOWS\system32\nvvsvc.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s Themes
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Program Files\PDF Architect 4\creator-ws.exe
C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
C:\Program Files\TrueKey\McTkSchedulerService.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
svchost.exe
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.724_none_9e8a868b2d8a538d\TiWorker.exe
C:\PROGRA~1\TrueKey\MCAFEE~2.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Explorer.EXE
c:\windows\system32\taskhostw.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\WINDOWS\system32\mshta.exe
C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CCleaner\CCleaner64.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
C:\WINDOWS\system32\compattelrunner.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\Windows\System32\InstallAgent.exe
C:\Windows\System32\InstallAgentUserBroker.exe
C:\WINDOWS\system32\CompatTelRunner.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files\CCleaner\CCleaner64.exe
C:\WINDOWS\System32\svchost.exe -k smphost
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\Users\Mara\Downloads\RSITx64.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Amazon Assistant: {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: PDF Architect 4 Helper: {38279E1A-7019-40C1-B579-E99DFB3312E8} - C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
TB: PDF Architect 4 Toolbar: {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
uRun: [OneDrive] "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [BingSvc] C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
uRun: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
uRun: [cz.seznam.software.autoupdate] "C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
uRun: [cz.seznam.software.szndesktop] "C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: Download all with FDM - C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlall.htm
IE: Download selected with FDM - C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dlselected.htm
IE: Download with FDM - C:/Program Files/FreeDownloadManager.ORG/Free Download Manager/dllink.htm
IE: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 80.87.176.1 8.8.8.8
TCP: Interfaces\{12fd5212-26d1-4433-98bb-5a863957f9c8} : DHCPNameServer = 80.87.176.1 8.8.8.8
TCP: Interfaces\{69d4874f-62b9-4546-9c7c-26375b8b0192} : DHCPNameServer = 80.87.176.1 8.8.8.8
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
LSA: Security Packages = ""
mASetup: {104AA62D-D285-4BF9-87ED-CC68F20CDD0F} - C:\Program Files (x86)\Amazon\Amazon Assistant\AmazonAssistantTaskbar.exe /pin:
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Amazon Assistant: {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo®
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_28_0_0_137.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Ovladač modulu Intel(R) Power Engine Plug-in;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Ovladač filtru rychlosti vstupně-výstupních operací disku;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 volume;Ovladač svazku;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-1-31 70224]
R0 WindowsTrustedRTProxy;Služba zabezpečení důvěryhodného modulu runtime Microsoft Windows;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-1-31 239616]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-1-31 8192]
R1 MpKsl3066af8a;MpKsl3066af8a;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B173AB8-813C-47E7-999A-12D067EA2041}\MpKsl3066af8a.sys [2018-2-3 58120]
R2 Amazon Assistant Service;Amazon Assistant Service;C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [2017-10-4 105136]
R2 CDPSvc;Služba platformy připojených zařízení;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_6c4a4;Uživatelská služba platformy připojených zařízení_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 DiagTrack;Propojená uživatelská prostředí a telemetrie;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DoSvc;Optimalizace doručení;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 DusmSvc;Využití dat;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 OneSyncSvc_6c4a4;Hostitel synchronizace_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 PDF Architect 4 Creator;PDF Architect 4 Creator;C:\Program Files\PDF Architect 4\creator-ws.exe [2016-8-5 851168]
R2 PDF Architect 4 Manager;PDF Architect 4 Manager;C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [2016-5-18 972056]
R2 SecurityHealthService;Centrum zabezpečení v programu Windows Defender;C:\WINDOWS\System32\SecurityHealthService.exe [2017-10-12 336320]
R2 storqosflt;Ovladač filtru technologie QoS pro úložiště;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-1-31 79872]
R2 tiledatamodelsvc;Server datového modelu dlaždic;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-9 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-10-25 16928]
R2 UserManager;Správce uživatelů;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-1-31 142744]
R2 WpnService;Systémová služba nabízených oznámení Windows;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_6c4a4;Uživatelská služba nabízených oznámení Windows_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
R3 lfsvc;Služba sledování zeměpisné polohy;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 LicenseManager;Služba správce licencí Windows;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R3 NcbService;Zprostředkovatel síťového připojení;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Enumerátor virtuálního síťového adaptéru Microsoft;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 PimIndexMaintenanceSvc_6c4a4;Data kontaktů_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 rt640x64;Ovladač Realtek RT640 NT;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-3-18 604160]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\WINDOWS\System32\drivers\rtl8192se.sys [2017-3-18 1222656]
R3 smphost;Prostory úložiště SMP společnosti Microsoft;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
R3 StateRepository;Služba State Repository;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Zprostředkovatel času;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 UnistoreSvc_6c4a4;Úložiště uživatelských dat_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 UserDataSvc_6c4a4;Přístup k uživatelským datům_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 WdNisDrv;Systémový ovladač kontroly sítě antivirového programu Windows Defender;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-2-1 129616]
R3 WdNisSvc;Služba kontroly sítě antivirového programu Windows Defender;C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [2018-2-1 356168]
S?3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 MapsBroker;Správce stažených map;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-4-5 317400]
S3 AcpiDev;Ovladač zařízení ACPI;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;Služba směrovače AllJoyn;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;Připravenost aplikací;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BthHFSrv;Služba Bluetooth Handsfree;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Služba pro zařízení pro ovládání přenosných zařízení;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-14 39424]
S3 CAD;Ovladač arbitrace nabití;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
S3 CapImg;Ovladač HID pro dotykovou obrazovku CapImg;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 ClipSVC;Služba pro klientské licence (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_6c4a4;Tok zařízení_6c4a4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Standardní služba sběru dat pro Centrum diagnostiky Microsoft (R);C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Služba zápisu při správě zařízení;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 DsSvc;Služba sdílení dat;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 embeddedmode;Vložený režim;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Služba Správa aplikací pro rozlehlé sítě;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Obecná funkční třída USB;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Společný ovladač pro tlačítka standardu HID implementovaná s přerušeními;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;Hostitelská služba HV;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 iagpio;Ovladač řadiče Intel(R) Serial IO GPIO;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Hostitelský řadič Intel(R) Serial IO I2C;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Ovladač řadiče Intel(R) Serial IO GPIO verze 2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Ovladač řadiče Intel(R) Serial IO GPIO verze 2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Ovladač řadiče Intel(R) Serial IO I2C v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Ovladač řadiče Intel(R) Serial IO I2C v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Ovladač řadiče Intel(R) Serial IO I2C;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Řadič Intel(R) SATA diskového pole RAID – Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Služba mobilní hotspot systému Windows;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Ovladač Indirect Displays v režimu jádra;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 IpxlatCfgSvc;Služba konfigurace překladu adres IP;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;Ovladač hostitelského řadiče MA-USB;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;Ovladač filtru IP typu MA-USB;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_6c4a4;Služba zasílání zpráv_6c4a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 NaturalAuthentication;Přirozené ověřování;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Služba instalace sítě;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-1-31 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 nvdimmn;Ovladač zařízení Microsoft NVDIMM-N;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 PDF Architect 4 CrashHandler;PDF Architect 4 CrashHandler;C:\Program Files\PDF Architect 4\crash-handler-ws.exe [2016-8-5 1038048]
S3 PDF Architect 4;PDF Architect 4;C:\Program Files\PDF Architect 4\ws.exe [2016-8-5 2438880]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Telefonní služba;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Služba ukázkového režimu pro prodejny;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Služba výčtu zařízení čipové karty;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Ovladač Microsoftu pro sběrnici SCM (Storage Class Memory);C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;Reflektor SDF;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Správce plateb a NFC/SE;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 SensorDataService;Služba dat ze senzorů;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SensorService;Senzorová služba;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 SmsRouter;Služba směrovače SMS systému Microsoft Windows;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-1-31 891904]
S3 stornvme;Ovladač Microsoft Standard NVM Express ;C:\WINDOWS\System32\drivers\stornvme.sys [2017-11-21 95640]
S3 storufs;Ovladač Microsoft Universal Flash Storage (UFS);C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 TieringEngineService;Správa vrstev úložiště;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-9 87760]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-9-14 104960]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;Klient UCSI Správce konektoru USB;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-8-9 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 UEFI;Ovladač Microsoft UEFI;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;Řadič USB – Chipidea;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;Řadič USB – Synopsys;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsChipidea;Chipidea – ovladač USB pro přepínání rolí;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsSynopsys;Synopsys – ovladač USB pro přepínání rolí;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 vhf;Ovladač VHF (Virtual HID Framework);C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Ovladač infrastruktury hosta Microsoft Hyper-V;C:\WINDOWS\System32\drivers\vmgid.sys [2018-1-31 10240]
S3 vmicguestinterface;Rozhraní služby hosta technologie Hyper-V;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Přímá služba PowerShell pro Hyper-V;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;C:\WINDOWS\System32\svchost.exe -k ICService [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-1-31 72192]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-1-31 757248]
S3 WEPHOSTSVC;Hostitelská služba zprostředkovatele šifrování Windows;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Služba Správce připojení služeb Wi-Fi Direct;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Ovladač Windows NAT;C:\WINDOWS\System32\drivers\winnat.sys [2018-1-31 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Služba Windows Insider;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;Služba LPA;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Pracovní složky;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-3-18 220672]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Uložení hry Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-7-11 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Síťová služba Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Automatický aktualizátor časových pásem;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: PDF Architect 4.exe: edit="C:\Program Files\PDF Architect 4\architect.exe" --file "%1"
ShellExec: PDF Architect 4.exe: open="C:\Program Files\PDF Architect 4\architect.exe" --file "%1"
.
=============== Created Last 30 ================
.
2018-02-03 14:44:35 -------- d-----w- C:\Program Files\trend micro
2018-02-03 14:44:29 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B173AB8-813C-47E7-999A-12D067EA2041}\MpKsl3066af8a.sys
2018-02-03 14:35:42 -------- d-----w- C:\FRST
2018-02-03 14:32:16 14047160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B173AB8-813C-47E7-999A-12D067EA2041}\mpengine.dll
2018-02-03 14:26:00 352720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz96B.tmp
2018-02-03 14:26:00 135120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleHandler.dll
2018-02-03 14:23:58 -------- d--h--w- C:\OneDriveTemp
2018-02-03 13:20:28 -------- d-----w- C:\WINDOWS\System32\drivers\wd
2018-02-01 17:23:14 14047160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-01-31 04:29:56 754176 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2018-01-31 04:28:59 626176 ----a-w- C:\WINDOWS\System32\Windows.Internal.Bluetooth.dll
2018-01-31 04:12:36 -------- d--h--w- C:\$WINDOWS.~BT
2018-01-30 14:28:17 -------- d-----w- C:\Program Files\rempl
.
==================== Find3M ====================
.
2018-02-01 17:40:11 129365736 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-02-01 02:21:05 129616 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-02-01 02:21:03 288848 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-02-01 02:21:02 46072 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-01-30 14:26:24 548000 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-01-01 06:03:21 891904 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-01-01 02:27:39 22208 ----a-w- C:\WINDOWS\System32\IumSdk.dll
2018-01-01 02:27:35 382864 ----a-w- C:\WINDOWS\System32\atmfd.dll
2018-01-01 02:27:26 74648 ----a-w- C:\WINDOWS\System32\drivers\vpci.sys
2018-01-01 02:27:25 74648 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-01-01 02:27:22 751576 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2018-01-01 02:27:20 264536 ----a-w- C:\WINDOWS\System32\LsaIso.exe
2018-01-01 02:27:20 15632 ----a-w- C:\WINDOWS\System32\iumdll.dll
2018-01-01 02:27:19 20376 ----a-w- C:\WINDOWS\System32\kdhvcom.dll
2018-01-01 02:27:18 544152 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-01-01 02:27:18 22800 ----a-w- C:\WINDOWS\System32\iumbase.dll
2018-01-01 02:27:17 1021336 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-01-01 02:27:15 66712 ----a-w- C:\WINDOWS\System32\iumcrypt.dll
2018-01-01 02:26:58 107416 ----a-w- C:\WINDOWS\System32\drivers\vmbus.sys
2018-01-01 02:25:15 1065608 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-01-01 02:25:13 900880 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-01-01 02:24:48 229888 ----a-w- C:\WINDOWS\System32\wscapi.dll
2018-01-01 02:24:43 135576 ----a-w- C:\WINDOWS\System32\drivers\ksecdd.sys
2018-01-01 02:24:31 8345496 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-01-01 02:24:21 1188544 ----a-w- C:\WINDOWS\System32\winload.exe
2018-01-01 02:24:16 102808 ----a-w- C:\WINDOWS\System32\drivers\disk.sys
2018-01-01 02:24:13 33688 ----a-w- C:\WINDOWS\System32\drivers\fs_rec.sys
2018-01-01 02:24:07 52632 ----a-w- C:\WINDOWS\System32\drivers\pcw.sys
2018-01-01 02:24:06 2327448 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2018-01-01 02:24:00 105880 ----a-w- C:\WINDOWS\System32\drivers\mountmgr.sys
2018-01-01 02:23:43 386456 ----a-w- C:\WINDOWS\System32\drivers\fltMgr.sys
2018-01-01 02:22:48 1239448 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2018-01-01 02:22:38 119704 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2018-01-01 02:22:35 1194784 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2018-01-01 02:22:33 181912 ----a-w- C:\WINDOWS\System32\sspicli.dll
2018-01-01 02:22:26 503704 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-01-01 02:21:50 63896 ----a-w- C:\WINDOWS\System32\drivers\fsdepends.sys
2018-01-01 02:21:49 587160 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2018-01-01 02:21:40 328616 ----a-w- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
2018-01-01 02:20:44 459160 ----a-w- C:\WINDOWS\System32\wifitask.exe
2018-01-01 02:20:12 7319912 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-01-01 02:20:12 524760 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
2018-01-01 02:20:02 36760 ----a-w- C:\WINDOWS\System32\drivers\storvsc.sys
2018-01-01 02:18:47 110600 ----a-w- C:\WINDOWS\System32\rmclient.dll
2018-01-01 02:18:14 966040 ----a-w- C:\WINDOWS\System32\hvloader.efi
2018-01-01 02:18:10 57752 ----a-w- C:\WINDOWS\System32\drivers\netbios.sys
2018-01-01 02:18:06 59800 ----a-w- C:\WINDOWS\System32\hvhostsvc.dll
2018-01-01 02:18:03 316240 ----a-w- C:\WINDOWS\System32\wow64.dll
2018-01-01 02:18:00 822680 ----a-w- C:\WINDOWS\System32\hvloader.exe
2018-01-01 02:18:00 175800 ----a-w- C:\WINDOWS\System32\skci.dll
2018-01-01 02:18:00 1146776 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-01-01 02:17:19 154520 ----a-w- C:\WINDOWS\System32\consent.exe
2018-01-01 02:16:52 2672024 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-01-01 02:16:30 1107352 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-01-01 02:16:27 610712 ----a-w- C:\WINDOWS\System32\drivers\afd.sys
2018-01-01 02:15:06 83352 ----a-w- C:\WINDOWS\System32\drivers\volmgr.sys
2018-01-01 02:15:03 1396680 ----a-w- C:\WINDOWS\System32\winload.efi
2018-01-01 02:15:01 644696 ----a-w- C:\WINDOWS\System32\advapi32.dll
2018-01-01 02:14:42 159640 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys
2018-01-01 02:10:45 100800 ----a-w- C:\WINDOWS\System32\wwapi.dll
2018-01-01 02:09:58 70224 ----a-w- C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys
2018-01-01 02:09:54 434072 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys
2018-01-01 02:09:49 114584 ----a-w- C:\WINDOWS\System32\icfupgd.dll
2018-01-01 02:09:33 142744 ----a-w- C:\WINDOWS\System32\drivers\wcifs.sys
2018-01-01 02:08:44 1325960 ----a-w- C:\WINDOWS\System32\ole32.dll
2018-01-01 02:07:01 583688 ----a-w- C:\WINDOWS\System32\msvcp110_win.dll
2018-01-01 02:03:48 311704 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2018-01-01 02:03:46 627584 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2018-01-01 01:52:06 195768 ----a-w- C:\WINDOWS\SysWow64\wscapi.dll
2018-01-01 01:52:00 23680512 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-01-01 01:50:42 787704 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-01-01 01:49:11 267112 ----a-w- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
2018-01-01 01:48:18 73896 ----a-w- C:\WINDOWS\SysWow64\wwapi.dll
2018-01-01 01:48:03 5828768 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-01-01 01:47:58 433888 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll
2018-01-01 01:47:24 16592 ----a-w- C:\WINDOWS\SysWow64\wshhyperv.dll
2018-01-01 01:47:15 186520 ----a-w- C:\WINDOWS\SysWow64\logoncli.dll
2018-01-01 01:47:14 1998416 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-01-01 01:46:45 87352 ----a-w- C:\WINDOWS\SysWow64\rmclient.dll
2018-01-01 01:46:37 702032 ----a-w- C:\WINDOWS\SysWow64\winhttp.dll
2018-01-01 01:45:37 988160 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2018-01-01 01:44:06 411184 ----a-w- C:\WINDOWS\SysWow64\msvcp110_win.dll
2018-01-01 01:43:33 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-01-01 01:42:53 99840 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-01-01 01:42:53 47104 ----a-w- C:\WINDOWS\System32\atmlib.dll
2018-01-01 01:42:51 83968 ----a-w- C:\WINDOWS\System32\drivers\vmbkmclr.sys
2018-01-01 01:42:49 122880 ----a-w- C:\WINDOWS\System32\fontsub.dll
2018-01-01 01:42:46 55296 ----a-w- C:\WINDOWS\System32\drivers\winhvr.sys
2018-01-01 01:42:22 480912 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll
2018-01-01 01:40:53 52736 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2018-01-01 01:39:59 144896 ----a-w- C:\WINDOWS\System32\wextract.exe
2018-01-01 01:38:50 334336 ----a-w- C:\WINDOWS\System32\wc_storage.dll
2018-01-01 01:37:58 232960 ----a-w- C:\WINDOWS\System32\wcmcsp.dll
2018-01-01 01:36:54 463872 ----a-w- C:\WINDOWS\System32\wcncsvc.dll
2018-01-01 01:36:50 209920 ----a-w- C:\WINDOWS\System32\P2P.dll
2018-01-01 01:36:46 307712 ----a-w- C:\WINDOWS\System32\icsvcext.dll
2018-01-01 01:36:17 328704 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-01-01 01:36:12 252416 ----a-w- C:\WINDOWS\System32\dot3svc.dll
2018-01-01 01:36:11 310784 ----a-w- C:\WINDOWS\System32\wifiprofilessettinghandler.dll
2018-01-01 01:36:02 773120 ----a-w- C:\WINDOWS\System32\PhoneService.dll
.
============= FINISH: 15:51:15,66 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 04.08.2017 14:01:33
System Uptime: 03.02.2018 15:19:25 (0 hours ago)
.
Motherboard: MEDIONPC | | MS-7621
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz | CPU 1 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 232 GiB total, 91,426 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Koprocesor
Device ID: PCI\VEN_10DE&DEV_0AA3&SUBSYS_76211462&REV_B1\3&267A616A&1&1D
Manufacturer:
Name: Koprocesor
PNP Device ID: PCI\VEN_10DE&DEV_0AA3&SUBSYS_76211462&REV_B1\3&267A616A&1&1D
Service:
.
Class GUID:
Description: Multimediální adaptér
Device ID: PCI\VEN_1131&DEV_7231&SUBSYS_000816BE&REV_CA\4&169ED4B9&0&00B0
Manufacturer:
Name: Multimediální adaptér
PNP Device ID: PCI\VEN_1131&DEV_7231&SUBSYS_000816BE&REV_CA\4&169ED4B9&0&00B0
Service:
.
Class GUID:
Description:
Device ID: ACPI\AWY0001\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\AWY0001\2&DABA3FF&1
Service:
.
==== System Restore Points ===================
.
RP13: 01.11.2017 16:42:16 - Naplánovaný kontrolní bod
RP14: 10.11.2017 18:01:30 - Naplánovaný kontrolní bod
RP15: 21.11.2017 10:37:47 - Windows Update
RP16: 21.11.2017 10:38:57 - Windows Update
RP17: 30.01.2018 15:27:07 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 28 NPAPI
Adobe Flash Player 28 PPAPI
Aktualizace NVIDIA 10.4.0
Amazon Assistant
Amazon Search
Canon MG5200 series MP Drivers
CCleaner
Google Chrome
Google Update Helper
Intel Security True Key
Intel® RealSense™ SDK 2014 Runtime (x64): Core
Java 8 Update 121
Java Auto Updater
Kodi
Manager
Microsoft Office Access MUI (Czech) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Czech) 2007
Microsoft Office Groove MUI (Czech) 2007
Microsoft Office InfoPath MUI (Czech) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Czech) 2007
Microsoft Office Outlook MUI (Czech) 2007
Microsoft Office PowerPoint MUI (Czech) 2007
Microsoft Office Proof (Czech) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Slovak) 2007
Microsoft Office Proofing (Czech) 2007
Microsoft Office Publisher MUI (Czech) 2007
Microsoft Office Shared 64-bit MUI (Czech) 2007
Microsoft Office Shared MUI (Czech) 2007
Microsoft Office Word MUI (Czech) 2007
Microsoft OneDrive
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
MKVtoolnix 2.1.0
Mozilla Firefox 58.0.1 (x64 cs)
Mozilla Maintenance Service
NVIDIA Install Application
NVIDIA Ovladače grafiky 342.01
NVIDIA Update Core
Ovládací panel NVIDIA 342.01
PDF Architect 4
PDF Architect 4 Create Module
PDF Architect 4 Edit Module
PDF Architect 4 View Module
PDFCreator
Seznam Software
Skype™ 7.36
Update for Windows 10 for x64-based Systems (KB4023057)
VLC media player
Winamp
Windows 10 Update and Privacy Settings
WinRAR 5.31 (64-bit)
.
==== End Of File ===========================

Thank you

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a PC check

#4 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Request for a PC check

#5 Post by atsok »

Here is the log. :)

# AdwCleaner 7.0.7.0 - Logfile created on Sat Feb 03 16:47:38 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: Amazon Assistant Service


***** [ Folders ] *****

Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:\Program Files (x86)\Amazon Browser Settings
Deleted: C:\Users\Mara\AppData\Local\Amazon Browser Settings


***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\invalidprefs.js
Deleted: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\searchplugins\yahoo-lavasoft.xml
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
Deleted: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DistromaticSearchProtect-logon
Deleted: DistromaticUpdater-periodic
Deleted: DistromaticSearchProtect-hourly
Deleted: DistromaticUpdater-logon


***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKU\S-1-5-21-772858087-439378103-3593226653-1001\Software\distromatic
Deleted: [Key] - HKCU\Software\distromatic
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-772858087-439378103-3593226653-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Assistant
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKCU\SOFTWARE\Classes\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: MSN Homepage & Bing Search Engine -


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [5588 B] - [2018/2/3 16:44:27]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Thank you

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC

#6 Post by Rudy »

Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

atsok
Visitor
Posts: 63
Joined: 02 Aug 2012 21:52

Re: Please check my PC

#7 Post by atsok »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Mara (administrator) on DESKTOP-2SQL7M7 (03-02-2018 18:54:53)
Running from C:\Users\Mara\Downloads
Loaded Profiles: Mara (Available Profiles: Mara)
Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(© 2015 Microsoft Corporation) C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-19] (NVIDIA Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [BingSvc] => C:\Users\Mara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-03] (Skype Technologies S.A.)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{12fd5212-26d1-4433-98bb-5a863957f9c8}: [DhcpNameServer] 80.87.176.1 8.8.8.8
Tcpip\..\Interfaces\{69d4874f-62b9-4546-9c7c-26375b8b0192}: [DhcpNameServer] 80.87.176.1 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {1A108CC4-3B5A-4DE5-A8F6-AF1078A2E2BE} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {513CF2CE-5C7A-4330-8FF6-1B1854D809BE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {75C0BEDE-59C6-44C4-AC09-32DAB9706C30} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {79856514-7C12-4ECA-A2A8-98614592AAB4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {8A968FAF-DEA1-4314-B820-5DC06FB4AD6B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {B1F19DE6-4A48-4C3C-B7A8-44AC3DC78305} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10301__160902__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {E198FD3B-D854-4E49-9C2D-EE760C9CE4E6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {ECCCB144-17A7-44F6-ABEF-A76885934135} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-772858087-439378103-3593226653-1001 -> {F6771896-BEF3-424E-9673-3EAB36DB543E} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-15] (Oracle Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)

FireFox:
========
FF DefaultProfile: 66h6usma.default
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default [2018-02-03]
FF Homepage: Mozilla\Firefox\Profiles\66h6usma.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\66h6usma.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10301__160902__yaff
FF Extension: (Bing Search) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-08-07] [Legacy]
FF Extension: (NoiaButtons) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaButtons@ArisT2_Noia4dev.xpi [2017-09-14] [Legacy]
FF Extension: (Noia Fox options) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2016-05-17] [Legacy]
FF Extension: (NewScrollbars (aka NoiaScrollbars)) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2017-01-17] [Legacy]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\sko-extension@firma.seznam.cz [2017-11-21]
FF Extension: (Aeon Colors) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}.xpi [2015-10-07] [Legacy] [not signed]
FF Extension: (Open With Opera) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{60ac7b3b-86c0-4bca-8ba2-fb25abb46bef}.xpi [2017-10-07]
FF Extension: (Noia Fox) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2015-08-21] [Legacy]
FF Extension: (Aeon Jumbo) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{C8E400E3-44BC-4e78-8C17-8C48E74C67F4}.xpi [2015-10-07] [Legacy] [not signed]
FF Extension: (Adblock Plus) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-31]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-21]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Extension: (Firefox 2, the theme, reloaded) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\66h6usma.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi [2017-10-23] [Legacy]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-09-02] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2017-12-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2017-12-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)

Chrome:
=======
CHR HomePage: Default -> msn.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2018-02-03]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-15]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-15]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-18]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-02-03]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-02-03]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-18]
CHR Extension: (Bing) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-02-03]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-08]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-02-03]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-18]
CHR Extension: (Chrome Media Router) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-03]
CHR HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 MpKsl3066af8a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B173AB8-813C-47E7-999A-12D067EA2041}\MpKsl3066af8a.sys [58120 2018-02-03] (Microsoft Corporation)
R1 MpKslfa690941; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{895DA3C0-A1F1-421F-8406-961E770C45E0}\MpKslfa690941.sys [58120 2018-02-03] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-02-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-02-01] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-01] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-03 18:53 - 2018-02-03 18:53 - 000010778 _____ C:\Users\Mara\Desktop\Váha.xlsx
2018-02-03 17:58 - 2018-02-03 17:58 - 000004246 _____ C:\WINDOWS\system32\PerfStringBackup.TMP
2018-02-03 17:53 - 2018-02-03 17:53 - 000000000 ___HD C:\OneDriveTemp
2018-02-03 17:50 - 2018-02-03 18:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-03 17:41 - 2018-02-03 17:39 - 008206624 _____ (Malwarebytes) C:\Users\Mara\Desktop\adwcleaner_7.0.7.0.exe
2018-02-03 17:40 - 2018-02-03 17:44 - 000000000 ____D C:\AdwCleaner
2018-02-03 17:39 - 2018-02-03 17:39 - 008206624 _____ (Malwarebytes) C:\Users\Mara\Downloads\adwcleaner_7.0.7.0.exe
2018-02-03 15:51 - 2018-02-03 15:51 - 000039883 _____ C:\Users\Mara\Desktop\dds.txt
2018-02-03 15:45 - 2018-02-03 15:45 - 000688992 ____R (Swearware) C:\Users\Mara\Downloads\dds.exe
2018-02-03 15:44 - 2018-02-03 15:44 - 000000000 ____D C:\rsit
2018-02-03 15:44 - 2018-02-03 15:44 - 000000000 ____D C:\Program Files\trend micro
2018-02-03 15:42 - 2018-02-03 15:42 - 001222144 _____ C:\Users\Mara\Downloads\RSITx64.exe
2018-02-03 15:39 - 2018-02-03 15:43 - 000030462 _____ C:\Users\Mara\Downloads\Addition.txt
2018-02-03 15:35 - 2018-02-03 18:56 - 000018741 _____ C:\Users\Mara\Downloads\FRST.txt
2018-02-03 15:35 - 2018-02-03 18:54 - 000000000 ____D C:\FRST
2018-02-03 15:34 - 2018-02-03 15:35 - 002393088 _____ (Farbar) C:\Users\Mara\Downloads\FRST64.exe
2018-01-31 05:29 - 2018-01-01 07:03 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-31 05:29 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-01-31 05:29 - 2018-01-01 03:26 - 000107416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-31 05:29 - 2018-01-01 03:25 - 001065608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-31 05:29 - 2018-01-01 03:25 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 008345496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 001188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-31 05:29 - 2018-01-01 03:24 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 000102808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-01-31 05:29 - 2018-01-01 03:24 - 000052632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-01-31 05:29 - 2018-01-01 03:23 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-31 05:29 - 2018-01-01 03:22 - 001194784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-31 05:29 - 2018-01-01 03:22 - 000119704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-01-31 05:29 - 2018-01-01 03:21 - 000587160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-31 05:29 - 2018-01-01 03:20 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000730008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000164760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-01-31 05:29 - 2018-01-01 03:19 - 000027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-01-31 05:29 - 2018-01-01 03:18 - 000110600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-01-31 05:29 - 2018-01-01 03:18 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 001107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-31 05:29 - 2018-01-01 03:16 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-31 05:29 - 2018-01-01 03:15 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-31 05:29 - 2018-01-01 03:15 - 000083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-31 05:29 - 2018-01-01 03:14 - 000159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-31 05:29 - 2018-01-01 03:09 - 000142744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-31 05:29 - 2018-01-01 03:09 - 000070224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-01-31 05:29 - 2018-01-01 03:08 - 001325960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-31 05:29 - 2018-01-01 03:07 - 000583688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-01-31 05:29 - 2018-01-01 03:03 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-31 05:29 - 2018-01-01 03:03 - 000311704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-31 05:29 - 2018-01-01 02:52 - 023680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-31 05:29 - 2018-01-01 02:52 - 000195768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-31 05:29 - 2018-01-01 02:50 - 000787704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-31 05:29 - 2018-01-01 02:49 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 005828768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-31 05:29 - 2018-01-01 02:48 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 001998416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000433888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-01-31 05:29 - 2018-01-01 02:47 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-01-31 05:29 - 2018-01-01 02:46 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-31 05:29 - 2018-01-01 02:46 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-01-31 05:29 - 2018-01-01 02:45 - 020374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-31 05:29 - 2018-01-01 02:45 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-31 05:29 - 2018-01-01 02:43 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-31 05:29 - 2018-01-01 02:42 - 000480912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-31 05:29 - 2018-01-01 02:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-01-31 05:29 - 2018-01-01 02:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-01-31 05:29 - 2018-01-01 02:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-01-31 05:29 - 2018-01-01 02:40 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2018-01-31 05:29 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-31 05:29 - 2018-01-01 02:40 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-01-31 05:29 - 2018-01-01 02:40 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-01-31 05:29 - 2018-01-01 02:40 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-31 05:29 - 2018-01-01 02:40 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-01-31 05:29 - 2018-01-01 02:39 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-31 05:29 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-31 05:29 - 2018-01-01 02:39 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-01-31 05:29 - 2018-01-01 02:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-01-31 05:29 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-31 05:29 - 2018-01-01 02:38 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-31 05:29 - 2018-01-01 02:38 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 023683072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-31 05:29 - 2018-01-01 02:37 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-31 05:29 - 2018-01-01 02:37 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-31 05:29 - 2018-01-01 02:37 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-31 05:29 - 2018-01-01 02:37 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-31 05:29 - 2018-01-01 02:36 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-01-31 05:29 - 2018-01-01 02:35 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-01-31 05:29 - 2018-01-01 02:34 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-01-31 05:29 - 2018-01-01 02:34 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-31 05:29 - 2018-01-01 02:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ssdpapi.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-31 05:29 - 2018-01-01 02:32 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-31 05:29 - 2018-01-01 02:32 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-01-31 05:29 - 2018-01-01 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-01-31 05:29 - 2018-01-01 02:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3dlg.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-01-31 05:29 - 2018-01-01 02:31 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-31 05:29 - 2018-01-01 02:31 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-31 05:29 - 2018-01-01 02:31 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 020514304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 004719104 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-01-31 05:29 - 2018-01-01 02:30 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-31 05:29 - 2018-01-01 02:30 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-31 05:29 - 2018-01-01 02:29 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-31 05:29 - 2018-01-01 02:28 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 006249472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-31 05:29 - 2018-01-01 02:27 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 005964288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-31 05:29 - 2018-01-01 02:26 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-01-31 05:29 - 2018-01-01 02:26 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2018-01-31 05:29 - 2018-01-01 02:26 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-01-31 05:29 - 2018-01-01 02:25 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-31 05:29 - 2018-01-01 02:24 - 003651072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-31 05:29 - 2018-01-01 02:24 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-01-31 05:29 - 2018-01-01 02:23 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-31 05:29 - 2018-01-01 02:23 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-01-31 05:29 - 2018-01-01 02:22 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-01-31 05:29 - 2018-01-01 02:21 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-01-31 05:29 - 2018-01-01 02:21 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2018-01-31 05:29 - 2018-01-01 02:20 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-01-31 05:29 - 2018-01-01 02:20 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2018-01-31 05:29 - 2018-01-01 02:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-01-31 05:29 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-01-31 05:29 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2018-01-31 05:29 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-01-31 05:29 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:29 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-01-31 05:29 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-01-31 05:29 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-01-31 05:29 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-01-31 05:29 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-01-31 05:29 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-01-31 05:29 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-01-31 05:29 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-01-31 05:29 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-01-31 05:29 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-01-31 05:29 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-01-31 05:29 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-01-31 05:29 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-31 05:29 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-01-31 05:29 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-31 05:29 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 001021336 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000544152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000382864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000264536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-01-31 05:28 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-01-31 05:28 - 2018-01-01 03:27 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000020376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-01-31 05:28 - 2018-01-01 03:27 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-01-31 05:28 - 2018-01-01 03:24 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-31 05:28 - 2018-01-01 03:24 - 000105880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-01-31 05:28 - 2018-01-01 03:24 - 000033688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-01-31 05:28 - 2018-01-01 03:23 - 000386456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-31 05:28 - 2018-01-01 03:22 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-31 05:28 - 2018-01-01 03:21 - 000328616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-31 05:28 - 2018-01-01 03:21 - 000063896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-31 05:28 - 2018-01-01 03:20 - 007319912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 000524760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-31 05:28 - 2018-01-01 03:20 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-31 05:28 - 2018-01-01 03:19 - 002466392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000282520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000247472 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-01-31 05:28 - 2018-01-01 03:19 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000118680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000082328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000054168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-01-31 05:28 - 2018-01-01 03:19 - 000018672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 021354736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-31 05:28 - 2018-01-01 03:18 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-01-31 05:28 - 2018-01-01 03:18 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-01-31 05:28 - 2018-01-01 03:18 - 000316240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 000175800 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-31 05:28 - 2018-01-01 03:18 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-01-31 05:28 - 2018-01-01 03:17 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2018-01-31 05:28 - 2018-01-01 03:15 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-31 05:28 - 2018-01-01 03:10 - 000100800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-01-31 05:28 - 2018-01-01 03:09 - 000434072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-31 05:28 - 2018-01-01 03:09 - 000114584 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-31 05:28 - 2018-01-01 02:44 - 000411184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-01-31 05:28 - 2018-01-01 02:43 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-31 05:28 - 2018-01-01 02:42 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-01-31 05:28 - 2018-01-01 02:42 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-31 05:28 - 2018-01-01 02:41 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-01-31 05:28 - 2018-01-01 02:41 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\container_xml.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-01-31 05:28 - 2018-01-01 02:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-01-31 05:28 - 2018-01-01 02:40 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-01-31 05:28 - 2018-01-01 02:40 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-01-31 05:28 - 2018-01-01 02:39 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-01-31 05:28 - 2018-01-01 02:39 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-01-31 05:28 - 2018-01-01 02:39 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-01-31 05:28 - 2018-01-01 02:39 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-01-31 05:28 - 2018-01-01 02:39 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-01-31 05:28 - 2018-01-01 02:38 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-01-31 05:28 - 2018-01-01 02:38 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-01-31 05:28 - 2018-01-01 02:38 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-01-31 05:28 - 2018-01-01 02:38 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-01-31 05:28 - 2018-01-01 02:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-01-31 05:28 - 2018-01-01 02:37 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-31 05:28 - 2018-01-01 02:36 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-01-31 05:28 - 2018-01-01 02:35 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-01-31 05:28 - 2018-01-01 02:35 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-01-31 05:28 - 2018-01-01 02:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-01-31 05:28 - 2018-01-01 02:34 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-01-31 05:28 - 2018-01-01 02:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-01-31 05:28 - 2018-01-01 02:33 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-01-31 05:28 - 2018-01-01 02:33 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-01-31 05:28 - 2018-01-01 02:33 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-01-31 05:28 - 2018-01-01 02:32 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-01-31 05:28 - 2018-01-01 02:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 007339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-31 05:28 - 2018-01-01 02:31 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-31 05:28 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-01-31 05:28 - 2018-01-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 002426368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-01-31 05:28 - 2018-01-01 02:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-01-31 05:28 - 2018-01-01 02:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-31 05:28 - 2018-01-01 02:26 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-31 05:28 - 2018-01-01 02:26 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2018-01-31 05:28 - 2018-01-01 02:25 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-01-31 05:28 - 2018-01-01 02:24 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-01-31 05:28 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-31 05:28 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-01-31 05:28 - 2018-01-01 02:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-01-31 05:28 - 2018-01-01 02:18 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-01-31 05:28 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-31 05:28 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-01-31 05:28 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-01-31 05:28 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-01-31 05:28 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-01-31 05:28 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-01-31 05:28 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-01-31 05:28 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-01-31 05:28 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-01-31 05:28 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-31 05:28 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-01-31 05:28 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-31 05:28 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-01-31 05:28 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-01-31 05:28 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-01-31 05:28 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-01-31 05:28 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-01-31 05:28 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-01-31 05:28 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-01-31 05:28 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-01-31 05:12 - 2018-01-31 05:14 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-30 15:28 - 2018-02-01 12:21 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-03 18:53 - 2017-08-01 13:07 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-03 18:28 - 2017-02-28 08:35 - 000001445 _____ C:\Users\Mara\Desktop\Dropbox.lnk
2018-02-03 18:20 - 2017-08-04 12:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-03 17:59 - 2016-11-03 23:18 - 000000000 ____D C:\Users\Mara\AppData\Roaming\vlc
2018-02-03 17:58 - 2017-03-20 05:43 - 001046630 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-03 17:58 - 2017-03-20 05:43 - 000243876 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-03 17:58 - 2016-10-06 13:49 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Seznam.cz
2018-02-03 17:57 - 2017-08-04 12:49 - 002311318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-03 17:55 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-03 17:54 - 2016-12-11 19:33 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Mozilla
2018-02-03 17:54 - 2016-08-07 19:37 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Skype
2018-02-03 17:53 - 2016-07-18 14:34 - 000000000 ___RD C:\Users\Mara\OneDrive
2018-02-03 17:52 - 2017-08-04 12:34 - 000000000 ____D C:\Users\Mara
2018-02-03 17:50 - 2017-08-04 12:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-03 17:50 - 2017-08-04 12:29 - 000307776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-03 17:50 - 2017-05-09 09:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-03 17:50 - 2016-07-18 15:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-03 17:48 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-03 17:47 - 2016-09-02 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-02-03 17:47 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-03 16:04 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-03 16:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-03 15:40 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-03 15:38 - 2017-02-14 23:36 - 000010476 _____ C:\Users\Mara\AppData\Local\FSDownloader.err
2018-02-03 15:38 - 2017-02-14 23:29 - 000001088 _____ C:\Users\Mara\AppData\Local\FSDownloader.nast
2018-02-03 15:33 - 2017-08-04 12:52 - 000004206 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{28B4EFD2-6DFB-4745-9634-36A22BCC91BB}
2018-02-03 15:27 - 2016-07-18 15:29 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Mozilla
2018-02-03 15:26 - 2016-07-18 15:29 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-02 10:42 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-02 10:35 - 2017-06-14 00:18 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-02-02 10:35 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-02 10:34 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-02 10:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-01 18:44 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-01 18:44 - 2016-07-18 18:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-01 18:40 - 2017-10-12 09:26 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-01 18:40 - 2016-07-18 18:41 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-30 15:26 - 2016-07-18 17:56 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-30 15:23 - 2017-08-04 12:52 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-772858087-439378103-3593226653-1001
2018-01-30 15:23 - 2016-07-18 14:34 - 000002384 _____ C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-02-14 23:36 - 2018-02-03 15:38 - 000010476 _____ () C:\Users\Mara\AppData\Local\FSDownloader.err
2017-02-14 23:29 - 2018-02-03 15:38 - 000001088 _____ () C:\Users\Mara\AppData\Local\FSDownloader.nast
2016-10-06 13:39 - 2016-10-06 13:39 - 000032038 _____ () C:\Users\Mara\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-03 16:16

==================== End of FRST.txt ============================

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#8 Post by atsok »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (03-02-2018 18:57:37)
Running from C:\Users\Mara\Downloads
Windows 10 Home Version 1703 15063.850 (X64) (2017-08-04 12:01:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-772858087-439378103-3593226653-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-772858087-439378103-3593226653-503 - Limited - Disabled)
Guest (S-1-5-21-772858087-439378103-3593226653-501 - Limited - Disabled)
Mara (S-1-5-21-772858087-439378103-3593226653-1001 - Administrator - Enabled) => C:\Users\Mara

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== ATTENTION
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Kodi) (Version: - XBMC-Foundation)
Manager (HKLM-x32\...\{38251B9A-C44B-42D9-9A6A-0697986E334A}) (Version: 4.1.4.27792 - 2015 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MKVtoolnix 2.1.0 (HKLM-x32\...\MKVtoolnix) (Version: 2.1.0 - Moritz Bunkus)
Mozilla Firefox 58.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.1 (x64 cs)) (Version: 58.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.1.6602 - Mozilla)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{72B9DF2C-76FA-40B5-A469-16EAB159CE72}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{BDF7326B-7ED4-4034-B867-F4E88D4E628B}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{03E04B47-9270-4613-8D7E-DA4AD2B259A0}) (Version: 4.1.5.29097 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.1 - pdfforge GmbH)
Seznam Software (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-08-05] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\ShellExt.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1428727C-D178-4804-B361-3D389DB5EB39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-01] (Microsoft Corporation)
Task: {259ECAFC-85DA-41C1-9D30-2E139842FB64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18] (Google Inc.)
Task: {47962045-A2E9-4E26-8A35-97D47DF00C00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-18] (Google Inc.)
Task: {556F98A4-AE49-4953-B542-56D59FC14DB5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-15] (Adobe Systems Incorporated)
Task: {6A2714EB-B274-4063-930D-42BF16B813DE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2017-12-15] (Adobe Systems Incorporated)
Task: {80F7449E-F786-48B4-95FC-50C2710F6625} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-01] (Microsoft Corporation)
Task: {B0C61EAB-B897-4A38-9D68-DF609B2F9C19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-01] (Microsoft Corporation)
Task: {B8A59FBE-3F79-49B5-B14A-19FB9E78AC50} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-01] (Microsoft Corporation)
Task: {D9B0BA19-5F8C-481D-A130-4B4AD1DD80C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-08-04 12:33 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-12-13 12:06 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\5515libfoxloader-x64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-06 13:50 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2016-10-06 13:50 - 2017-02-08 12:39 - 000080576 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-02-08 03:52 - 2017-02-08 03:52 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-02-03 15:58 - 2018-02-03 15:58 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-03 15:58 - 2018-02-03 15:58 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-03 15:58 - 2018-02-03 15:58 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-03 15:58 - 2018-02-03 15:58 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-03 15:58 - 2018-02-03 15:58 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-11 01:47 - 2017-07-11 01:47 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-11 01:47 - 2017-07-11 01:47 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-12-13 12:06 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\5508libfoxloader.dll
2017-04-26 14:19 - 2017-04-26 14:19 - 002005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2016-10-06 13:50 - 2015-05-26 12:38 - 000862888 _____ () C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\lightspeed.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-09-27 01:41 - 000000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-772858087-439378103-3593226653-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 80.87.176.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{32600710-01F4-4F3A-948F-58F97214A1D9}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{3592EF95-0276-42A0-8BC8-BEFFA2F837F6}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{8D21B692-9FFD-4ABC-8839-6340242DD851}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{AA09E17F-ED31-4718-A96A-7FD0C91A04BE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{C4BC0AE1-8B57-4220-877E-BF131C768DF7}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3C591F40-3D3F-4B52-A4FC-437FCB0F50CE}C:\users\mara\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\mara\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{18EFED41-8CED-474E-AABA-B5A8B7081223}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{7A73FD75-91ED-4395-AFC4-841F72A500BC}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{65652E13-8B2B-472D-9592-F5A662E63497}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B54E80CF-F319-471F-A77A-3D5BD5EBFA7E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B712854A-CD3E-41BC-95B2-9A8A0F185EC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5C47149D-2C7E-4EC5-835C-D1C21DD0327F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B8BEFC1-8510-40AD-BC62-EBA0C484D9B2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{03E5D9B4-DCD6-4177-806A-A6796FFA62A4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C26CAA7F-A18F-4925-B617-89F801637DDB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{5B4F75CC-DFB6-4F54-B89D-92A7A0884316}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{C6E725C8-A25B-4187-9AC3-324B8ED45E2F}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{0276FB3C-76C2-420E-B140-2C10E6C4672A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

30-01-2018 15:27:07 Windows Update
03-02-2018 16:18:02 Windows Update

==================== Faulty Device Manager Devices =============

Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2018 05:58:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 12042. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (02/03/2018 05:58:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 12042. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (02/03/2018 05:34:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/03/2018 04:40:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-2SQL7M7)
Description: Balíček Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (02/01/2018 06:31:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147009280. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (02/01/2018 06:09:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/31/2018 12:39:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-2SQL7M7)
Description: Balíček Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (01/31/2018 05:14:49 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (01/31/2018 05:14:46 AM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {95CABCC9-BC57-4C12-B8DF-BA193232AA01} byla odmítnuta.

Error: (01/31/2018 04:37:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2SQL7M7)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (02/03/2018 05:50:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (02/03/2018 05:50:40 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (02/03/2018 05:50:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:50:12, ‎03.‎02.‎2018) bylo neočekávané.

Error: (02/03/2018 05:50:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (02/03/2018 05:50:10 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (02/03/2018 05:48:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel Security True Key neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/03/2018 05:48:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel Security True Key bylo dosaženo časového limitu (30000 ms).

Error: (02/03/2018 05:47:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2SQL7M7)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/03/2018 05:47:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2SQL7M7)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/03/2018 05:47:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2SQL7M7)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2018-02-03 18:45:32.603
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-03 16:17:09.380
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-01 12:19:32.490
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-02-01 12:19:32.486
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-23 12:52:51.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-11-21 11:09:08.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-12 18:01:45.417
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-12 10:37:36.370
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:21:06.499
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-25 10:12:10.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\LavasoftTcpService64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 3839.23 MB
Available physical RAM: 1423.16 MB
Total Virtual: 6015.23 MB
Available Virtual: 3032.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.51 GB) (Free:89.91 GB) NTFS
Drive d: (MOVIE) (Fixed) (Total:464.73 GB) (Free:324.54 GB) NTFS
Drive e: (Externi HDD) (Fixed) (Total:1397.26 GB) (Free:118.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 6697A7D7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F2553E2F)
Partition 1: (Not Active) - (Size=464.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 3F5C7D3B)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC

#9 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
CHR Extension: (Bing) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-02-03]

EmptyTemp:
End
Save it to C:\Users\Mara\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#10 Post by atsok »

The log got lost somewhere.. where can I find it?

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#11 Post by atsok »

Is this it?
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (03-02-2018 19:24:27) Run:1
Running from C:\Users\Mara\Downloads
Loaded Profiles: Mara (Available Profiles: Mara)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
CHR Extension: (Bing) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-02-03]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94c6ea77-8cd8-11e7-a590-4061860b4475}" => removed successfully
HKLM\Software\Classes\CLSID\{94c6ea77-8cd8-11e7-a590-4061860b4475} => key not found
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Bing) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-02-03] => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28564766 B
Java, Flash, Steam htmlcache => 816 B
Windows/system/drivers => 59888 B
Edge => 584 B
Chrome => 2095093 B
Firefox => 59761141 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7040 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 3362 B
Mara => 35215182 B

RecycleBin => 3660 B
EmptyTemp: => 126.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:25:07 ====

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC

#12 Post by Rudy »

That's it. The PC should now be clean.

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: Please check my PC

#13 Post by atsok »

Thank you very much, hopefully it will be OK; before, it kept freezing and was slow.

Have a nice evening

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my PC

#14 Post by Rudy »

Let's hope so. Have a nice day! :)
