Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
Uživatelský avatar
adeam
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 137
Registrován: 11 zář 2009 15:17
Bydliště: Poprad
Kontaktovat uživatele:

Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#1 Příspěvek od adeam »

Ahojte,

rád by som vás poprosil o pomoc, môjmu ntb v poslednom čase prepína. Chrome mi v pravidelných intervaloch zamŕza, vždy na cca 10-20 sekúnd a potom ide ďalej. Ďalej som si všimol, že mi zo systému zmizli body obnovy ktoré som tam mal uložené. V prípade že si vytvorím hotspot pomocou connectify (pro verzia - zakúpená) tak mi nejde poriadne prehrať ani video, aj keď predtým to šlo bezproblémov. A od minulého týždňa mi pri štarte ntb ukazovalo len čiernu obrazovku, potom sa to načítalo ale taskbar bol freeznuty. A posledná vec, nejde mi kliknúť na sieťové pripojenia cez tray. Klikám na to a nič a nakoniec o minútu mi to rozbalí tie info, ale napr nepripojím sa teraz ani na ziadnu novú wifinu lebo sa tam neviem dostať :(
NTB: ThinkPad T440s, i7-4600U, drivery sú aktuálne, win7 pro, licencovaný, preinštalovaný myslím že jan/feb 2017
AV: eset endpoint antivirus s licenciou :)

Vopred ďakujem za pomoc :)

FRST

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2017
Ran by adeam (administrator) on ADEAM-PC (26-04-2017 17:16:59)
Running from C:\Users\adeam\Desktop
Loaded Profiles: adeam (Available Profiles: adeam)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: SlovenÄŤina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Mobile Communications) C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Flux Software LLC) C:\Users\adeam\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\adeam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\dexpot.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Telegram Messenger LLP) C:\Users\adeam\AppData\Roaming\Telegram Desktop\Telegram.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.5\Lightshot.exe
(Lenovo.) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Dexpot GbR) C:\Program Files (x86)\Dexpot\Dexpot64.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\plugins\Taskbar Pager.exe
(Dexpot GbR) C:\Program Files (x86)\Dexpot\plugins\DexControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
(Lenovo) C:\Users\adeam\AppData\Local\Apps\2.0\ATGCAH28.5T0\LONB53WO.1HK\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
() C:\Explorer++.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\adeam\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(forum.viry.cz) C:\Users\adeam\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2874984 2016-06-17] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [70672 2016-06-23] (Lenovo)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1601056 2016-03-23] (Lenovo Group Limited)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4131384 2016-12-14] (Connectify)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1723040 2014-09-01] (SunplusIT, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [f.lux] => C:\Users\adeam\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [Spotify Web Helper] => C:\Users\adeam\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [Dexpot] => C:\Program Files (x86)\Dexpot\dexpot.exe [1843704 2016-07-19] (Dexpot GbR)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Run: [Google Update] => C:\Users\adeam\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2017-04-26] (Google Inc.)
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8bc-d285-11e6-9766-dab65e140350} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8d7-d285-11e6-9766-dab65e140350} - E:\DriverPackSolution.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-11-11] (Acronis)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
Startup: C:\Users\adeam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2017-04-17]
ShortcutTarget: Telegram.lnk -> C:\Users\adeam\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-01-04]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 109.201.137.57 api.hide.me # Added by Hide.me VPN
Tcpip\Parameters: [DhcpNameServer] 147.229.190.143 147.229.191.143
Tcpip\..\Interfaces\{7A420301-7A24-421B-B4DB-30389A25AD50}: [DhcpNameServer] 147.229.190.143 147.229.191.143
Tcpip\..\Interfaces\{D12D1D41-B381-4BD4-B836-D99FE1AD4CB5}: [DhcpNameServer] 100.66.128.2 147.229.3.100 147.229.3.200

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2017-01-04] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-04] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-04] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-04] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fowrjbek.default
FF ProfilePath: C:\Users\adeam\AppData\Roaming\Mozilla\Firefox\Profiles\fowrjbek.default [2017-04-26]
FF HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2017-01-04] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3770857571-1092624148-1139369411-1000: @tools.google.com/Google Update;version=3 -> C:\Users\adeam\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-3770857571-1092624148-1139369411-1000: @tools.google.com/Google Update;version=9 -> C:\Users\adeam\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-26] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default [2017-04-26]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-04-06]
CHR Extension: (Disk Google) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (Google Cast) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-01-07]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-04-11]
CHR Extension: (Tab Manager) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coonecdghnepgiblpccbbihiahajndda [2017-03-20]
CHR Extension: (Full Page Screen Capture) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2017-02-08]
CHR Extension: (Tab Suspender) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2017-04-25]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-23]
CHR Profile: C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-26]
CHR Extension: (Prezentácie Google) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-25]
CHR Extension: (Dokumenty Google) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-25]
CHR Extension: (Disk Google) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-25]
CHR Extension: (YouTube) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-25]
CHR Extension: (uBlock Origin) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-26]
CHR Extension: (Adobe Acrobat) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-25]
CHR Extension: (TabuÄľky Google) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-25]
CHR Extension: (Dokumenty Google v reĹľime offline) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-25]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-25]
CHR Extension: (Gmail) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\adeam\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\adeam\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-04-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1135600 2016-12-15] ()
S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [257592 2016-12-14] (Connectify)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2017-02-21] (Lenovo.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
S4 Ext2Srv; C:\Program Files\Ext2Fsd\Ext2Srv.exe [34816 2016-07-09] (www.ext2fsd.com)
S4 FirmwareUpdaterService; C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe [100080 2016-11-29] ()
S4 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [138960 2017-04-02] (eVenture Limited)
S4 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [172152 2016-08-17] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329192 2016-06-09] (Intel Corporation)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-02-20] (Lenovo.)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 ModemAuthenticatorService; C:\Program Files (x86)\Intel Mobile Communications\ModemAuthenticator\IntelModemAuthenticator.exe [48376 2016-09-05] (Intel Mobile Communications)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-10-06] ()
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-01-18] ()
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1416288 2016-11-29] (Sierra Wireless, Inc.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [88400 2015-12-06] (Synaptics Incorporated)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-21] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-10-06] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87528 2015-10-13] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141800 2015-10-13] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1545704 2016-04-27] (Motorola Solutions, Inc.)
R1 cfywlan1; C:\Windows\System32\DRIVERS\cfywlan1.sys [36736 2017-02-14] (Connectify)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [43872 2017-02-14] (Connectify)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-01-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-01-04] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [502256 2015-08-13] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
R2 Ext2Fsd; C:\Windows\system32\Drivers\Ext2Fsd.sys [799744 2016-07-09] (www.ext2fsd.com)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339808 2017-01-21] (Acronis International GmbH)
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB.sys [31736 2016-11-29] (Intel Mobile Communications)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [355080 2016-07-31] (Intel Corporation)
R3 MBIMSS; C:\Windows\System32\Drivers\swinbus01.sys [75272 2016-11-29] (Smith Micro Software, Inc.)
R3 MBIMSSfilter; C:\Windows\System32\Drivers\swinbus01f.sys [75272 2016-11-29] (Smith Micro Software, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3423496 2016-10-20] (Intel Corporation)
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2016-02-10] ()
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [41576 2016-06-17] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [41816 2016-11-03] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [52960 2016-12-07] (SteelSeries ApS)
R3 SWMBIM; C:\Windows\System32\DRIVERS\SWMBIM01.sys [238088 2016-11-29] (Smith Micro Software, Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1049432 2017-01-21] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [202592 2017-01-21] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [581464 2017-01-21] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [301408 2017-01-21] (Acronis International GmbH)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-26 17:14 - 2017-04-26 17:14 - 00112640 _____ (forum.viry.cz) C:\Users\adeam\Downloads\FRSTLauncher.exe
2017-04-26 17:04 - 2017-04-26 17:16 - 00000000 ____D C:\FRST
2017-04-26 17:04 - 2017-04-26 17:05 - 00099624 _____ C:\Users\adeam\Downloads\FRST.txt
2017-04-26 17:04 - 2017-04-26 17:05 - 00051687 _____ C:\Users\adeam\Downloads\Addition.txt
2017-04-26 17:04 - 2017-04-26 17:04 - 00002454 _____ C:\Users\adeam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-04-26 17:04 - 2017-04-26 17:04 - 00002446 _____ C:\Users\adeam\Desktop 2\Google Chrome Canary.lnk
2017-04-26 17:03 - 2017-04-26 17:03 - 00003546 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000UA
2017-04-26 17:03 - 2017-04-26 17:03 - 00003274 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000Core
2017-04-26 16:14 - 2017-04-26 16:14 - 02427392 _____ (Farbar) C:\Users\adeam\Downloads\FRST64.exe
2017-04-26 16:14 - 2017-04-26 16:14 - 02427392 _____ (Farbar) C:\Users\adeam\Downloads\FRST64 (1).exe
2017-04-26 16:14 - 2017-04-26 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\adeam\Downloads\Nepotvrdené 963073.crdownload
2017-04-26 16:04 - 2017-04-26 16:04 - 01129376 _____ (Google Inc.) C:\Users\adeam\Downloads\ChromeSetup.exe
2017-04-26 14:54 - 2017-04-26 15:10 - 00000000 ____D C:\Users\adeam\Documents\_ Ĺ KOLA
2017-04-26 14:30 - 2017-04-26 14:30 - 00000000 ____D C:\Users\adeam\Documents\FIO UCET NAJOMNE VYPISY
2017-04-26 14:28 - 2017-04-26 14:28 - 00013161 _____ C:\Users\adeam\Downloads\KI-rozpis terminu-2017-V2.01 (1).pdf
2017-04-26 14:24 - 2017-04-26 14:24 - 03777115 _____ C:\Users\adeam\Downloads\PR12_zaverka.pptx
2017-04-26 14:18 - 2017-04-26 14:20 - 00049460 _____ C:\Users\adeam\maxout8228.gnuplot
2017-04-26 14:16 - 2017-04-26 14:16 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\maxima-5.38.1
2017-04-26 14:15 - 2017-04-26 14:16 - 00000000 ____D C:\maxima-5.38.1
2017-04-26 14:14 - 2017-04-26 14:14 - 108978873 _____ C:\Users\adeam\Downloads\maxima-clisp-sbcl-5.38.1.exe
2017-04-26 00:24 - 2017-04-26 00:24 - 08836186 _____ C:\Users\adeam\Downloads\05_Zadavaci_dokumentace.pdf
2017-04-26 00:15 - 2017-04-26 00:15 - 00478723 _____ C:\Users\adeam\Downloads\dodatečné informace č. 1.PDF
2017-04-26 00:14 - 2017-04-26 00:14 - 00707479 _____ C:\Users\adeam\Downloads\dodatečné informace č. 2.PDF
2017-04-25 23:35 - 2017-04-25 23:35 - 00002415 _____ C:\Users\adeam\Desktop 2\Ninja - Chrome.lnk
2017-04-25 23:35 - 2017-04-25 23:35 - 00002371 _____ C:\Users\adeam\Desktop 2\Osoba 1 - Chrome.lnk
2017-04-25 20:50 - 2017-04-25 20:50 - 01566776 _____ C:\Users\adeam\Downloads\zadani_v2 (2).pdf
2017-04-25 20:43 - 2017-04-25 20:43 - 00422729 _____ C:\Users\adeam\Downloads\CardPay_technicka_prirucka.pdf
2017-04-25 12:26 - 2017-04-26 16:03 - 00002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-25 12:26 - 2017-04-25 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-25 12:26 - 2017-04-25 12:26 - 00000000 ____D C:\Program Files\CCleaner
2017-04-25 12:25 - 2017-04-25 12:25 - 09390672 _____ (Piriform Ltd) C:\Users\adeam\Downloads\ccsetup529.exe
2017-04-25 12:23 - 2017-02-07 05:13 - 02126496 _____ (Sysinternals - www.sysinternals.com) C:\Users\adeam\Desktop 2\Procmon.exe
2017-04-25 12:16 - 2017-04-25 12:16 - 00998270 _____ C:\Users\adeam\Downloads\ProcessMonitor.zip
2017-04-25 12:09 - 2017-04-25 12:09 - 00000000 ___HD C:\OneDriveTemp
2017-04-25 12:04 - 2017-04-25 12:04 - 00000017 _____ C:\Users\adeam\AppData\Local\resmon.resmoncfg
2017-04-25 12:00 - 2017-03-27 20:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-04-25 12:00 - 2017-03-27 19:28 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-04-25 12:00 - 2017-03-25 21:39 - 20284416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-04-25 12:00 - 2017-03-25 21:06 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-04-25 12:00 - 2017-03-25 20:52 - 02289152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-04-25 12:00 - 2017-03-25 20:51 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-04-25 12:00 - 2017-03-25 20:48 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-04-25 12:00 - 2017-03-25 20:47 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-04-25 12:00 - 2017-03-25 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-04-25 12:00 - 2017-03-25 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-04-25 12:00 - 2017-03-25 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-04-25 12:00 - 2017-03-25 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-04-25 12:00 - 2017-03-25 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-04-25 12:00 - 2017-03-25 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-04-25 12:00 - 2017-03-25 20:45 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-04-25 12:00 - 2017-03-25 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-04-25 12:00 - 2017-03-25 20:44 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-04-25 12:00 - 2017-03-25 20:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-04-25 12:00 - 2017-03-25 20:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-04-25 12:00 - 2017-03-25 20:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-04-25 12:00 - 2017-03-25 20:02 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-04-25 12:00 - 2017-03-25 19:56 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-04-25 12:00 - 2017-03-25 19:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-25 12:00 - 2017-03-25 19:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-25 12:00 - 2017-03-25 19:29 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-04-25 12:00 - 2017-03-25 19:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-04-25 12:00 - 2017-03-25 19:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-04-25 12:00 - 2017-03-25 19:06 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-04-25 12:00 - 2017-03-25 19:00 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-04-25 12:00 - 2017-03-25 18:59 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-04-25 12:00 - 2017-03-25 18:10 - 01546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-04-25 12:00 - 2016-03-24 00:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-25 11:59 - 2017-03-25 21:07 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-04-25 11:59 - 2017-03-25 20:55 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-04-25 11:59 - 2017-03-25 20:47 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-04-25 11:59 - 2017-03-25 20:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-04-25 11:59 - 2017-03-25 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-04-25 11:59 - 2017-03-25 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-04-25 11:59 - 2017-03-25 20:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-04-25 11:59 - 2017-03-25 20:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-04-25 11:59 - 2017-03-25 20:14 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-04-25 11:59 - 2017-03-25 20:13 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-04-25 11:59 - 2017-03-25 20:13 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-04-25 11:59 - 2017-03-25 20:10 - 02898432 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-04-25 11:59 - 2017-03-25 20:04 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-04-25 11:59 - 2017-03-25 19:57 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-04-25 11:59 - 2017-03-25 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-04-25 11:59 - 2017-03-25 19:56 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-04-25 11:59 - 2017-03-25 19:56 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-04-25 11:59 - 2017-03-25 19:52 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-04-25 11:59 - 2017-03-25 19:41 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-04-25 11:59 - 2017-03-25 19:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-04-25 11:59 - 2017-03-25 19:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-04-25 11:59 - 2017-03-25 19:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-04-25 11:59 - 2017-03-25 19:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-04-25 11:59 - 2017-03-25 19:04 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-04-25 11:59 - 2017-03-25 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-04-25 11:59 - 2017-03-25 18:57 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-04-25 11:59 - 2017-03-25 18:28 - 15259136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-04-25 11:59 - 2017-03-25 18:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-04-25 11:59 - 2017-03-25 18:24 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-04-25 11:59 - 2017-03-25 18:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-04-25 11:59 - 2017-03-25 00:50 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-04-25 11:59 - 2017-03-25 00:42 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-04-25 11:59 - 2017-03-22 17:32 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-25 11:59 - 2017-03-22 17:32 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-25 11:59 - 2017-03-22 17:32 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-25 11:59 - 2017-03-22 17:30 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-25 11:59 - 2017-03-22 17:24 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-25 11:59 - 2017-03-22 17:17 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-25 11:59 - 2017-03-22 17:15 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-25 11:59 - 2017-03-22 17:15 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-25 11:59 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-25 11:59 - 2017-03-22 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-25 11:59 - 2017-03-22 17:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-25 11:59 - 2017-03-22 17:15 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-25 11:59 - 2017-03-22 17:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-25 11:59 - 2017-03-22 17:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-25 11:59 - 2017-03-22 17:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-25 11:59 - 2017-03-22 17:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-25 11:59 - 2017-03-14 17:34 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-04-25 11:59 - 2017-03-14 17:34 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-04-25 11:59 - 2017-03-14 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-04-25 11:59 - 2017-03-10 18:35 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-04-25 11:59 - 2017-03-10 18:31 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-04-25 11:59 - 2017-03-10 18:31 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-04-25 11:59 - 2017-03-10 18:31 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-04-25 11:59 - 2017-03-10 18:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-04-25 11:59 - 2017-03-10 18:27 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-04-25 11:59 - 2017-03-10 18:20 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-04-25 11:59 - 2017-03-10 18:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-04-25 11:59 - 2017-03-10 18:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-04-25 11:59 - 2017-03-10 18:00 - 03219968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-04-25 11:59 - 2017-03-10 17:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-04-25 11:59 - 2017-03-08 22:20 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-04-25 11:59 - 2017-03-08 22:10 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-04-25 11:59 - 2017-03-08 06:37 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-04-25 11:59 - 2017-03-08 06:36 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-04-25 11:59 - 2017-03-08 06:36 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-04-25 11:59 - 2017-03-08 06:36 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-04-25 11:59 - 2017-03-08 06:36 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-04-25 11:59 - 2017-03-08 06:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:33 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:26 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-04-25 11:59 - 2017-03-08 06:26 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-04-25 11:59 - 2017-03-08 06:24 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-04-25 11:59 - 2017-03-08 06:22 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:21 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 06:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-04-25 11:59 - 2017-03-08 06:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-04-25 11:59 - 2017-03-08 06:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-04-25 11:59 - 2017-03-08 06:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-04-25 11:59 - 2017-03-08 06:00 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-04-25 11:59 - 2017-03-08 05:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-04-25 11:59 - 2017-03-08 05:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-04-25 11:59 - 2017-03-08 05:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-04-25 11:59 - 2017-03-08 05:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-04-25 11:59 - 2017-03-08 05:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-04-25 11:59 - 2017-03-08 05:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-04-25 11:59 - 2017-03-08 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-04-25 11:59 - 2017-03-08 05:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-04-25 11:59 - 2017-03-08 05:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-04-25 11:59 - 2017-03-08 05:54 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-04-25 11:59 - 2017-03-08 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-04-25 11:59 - 2017-03-08 05:53 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-04-25 11:59 - 2017-03-08 05:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 05:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 05:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-25 11:59 - 2017-03-08 05:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-25 11:59 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-04-25 11:59 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-04-25 11:59 - 2017-03-07 16:05 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-25 11:59 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-04-25 11:59 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-04-25 11:59 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-04-25 11:59 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-04-25 11:59 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-04-25 11:59 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-04-25 11:59 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-04-25 11:59 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-04-25 11:59 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-25 11:59 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-25 11:59 - 2017-02-11 18:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-25 11:59 - 2017-02-11 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-25 11:59 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-04-25 11:59 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-04-25 11:59 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-04-25 11:59 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-04-25 11:59 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-04-25 11:59 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-04-25 11:59 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-25 11:59 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-25 11:59 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-04-25 11:59 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-04-25 11:59 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-04-25 11:59 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-04-25 11:59 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-04-25 11:59 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-25 11:59 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-04-25 11:59 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-04-25 11:59 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-04-25 11:59 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-04-25 11:59 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-25 11:59 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-25 11:59 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-04-25 11:59 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-04-25 11:59 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-04-25 11:59 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-04-25 11:59 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-04-25 11:59 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-04-25 11:59 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-04-25 11:59 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-04-25 11:59 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-04-25 11:59 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-04-25 11:59 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-04-25 11:59 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-04-25 11:59 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-04-25 11:59 - 2016-03-24 00:40 - 03181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-24 17:49 - 2017-04-24 18:58 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Hide.me
2017-04-24 17:49 - 2017-04-24 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2017-04-24 17:49 - 2017-04-24 17:49 - 00000000 ____D C:\Program Files (x86)\hide.me VPN
2017-04-24 17:48 - 2017-04-24 17:49 - 05958864 _____ (eVenture Limited ) C:\Users\adeam\Downloads\Hide.me-Setup-1.2.12.exe
2017-04-23 17:50 - 2017-04-23 17:50 - 01566776 _____ C:\Users\adeam\Downloads\zadani_v2 (1).pdf
2017-04-23 10:59 - 2017-04-23 10:59 - 00066733 _____ C:\Users\adeam\Downloads\Ovládací_prvky.xlsm
2017-04-23 10:58 - 2017-04-23 10:58 - 00128075 _____ C:\Users\adeam\Downloads\Dialogy a soubory.pptx
2017-04-23 10:22 - 2017-04-23 10:23 - 00318407 _____ C:\Users\adeam\Downloads\cv03-zadani_reality.xlsm
2017-04-23 10:20 - 2017-04-23 10:20 - 00168203 _____ C:\Users\adeam\Downloads\Objekty.pptx
2017-04-23 10:19 - 2017-04-23 10:19 - 00173304 _____ C:\Users\adeam\Downloads\Konstanty,objektové, strukturované datové typy.pptx
2017-04-23 10:18 - 2017-04-23 10:18 - 00160924 _____ C:\Users\adeam\Downloads\Konstrukce.pptx
2017-04-23 08:39 - 2017-04-23 08:39 - 00538518 _____ C:\Users\adeam\Downloads\xls_pcobc.zip
2017-04-23 08:37 - 2017-04-23 08:37 - 00012572 _____ C:\Users\adeam\Downloads\POSTOVNY.xlsx
2017-04-22 14:29 - 2017-04-22 14:29 - 00011117 _____ C:\Users\adeam\Downloads\zdrojova_data (1).xlsx
2017-04-22 13:54 - 2017-04-22 13:54 - 00043880 _____ C:\Users\adeam\Downloads\cv05-zadani_text.xlsm
2017-04-22 13:54 - 2017-04-22 13:54 - 00027725 _____ C:\Users\adeam\Downloads\CV10 (3).xlsm
2017-04-22 13:54 - 2017-04-22 13:54 - 00022600 _____ C:\Users\adeam\Downloads\CV11 (1).xlsm
2017-04-22 13:53 - 2017-04-22 13:53 - 00050940 _____ C:\Users\adeam\Downloads\cv09-zadani_strukturovane-datove-typy_v2 (3).xlsm
2017-04-21 14:20 - 2017-04-21 14:20 - 09012378 _____ C:\Users\adeam\Downloads\Download File (1).pdf
2017-04-21 14:18 - 2017-04-21 14:18 - 08665850 _____ C:\Users\adeam\Downloads\Download File.pdf
2017-04-21 14:16 - 2017-04-21 14:16 - 10635740 _____ C:\Users\adeam\Downloads\FINAL VERSION.zip
2017-04-21 13:52 - 2017-04-21 13:48 - 01338796 _____ C:\Users\adeam\Downloads\prizemie_v2 (1).bak
2017-04-21 13:52 - 2017-04-21 13:42 - 00822006 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty_cleared_v6 (1).bak
2017-04-21 13:48 - 2017-04-21 13:52 - 01365274 _____ C:\Users\adeam\Downloads\prizemie_v2 (1).dwg
2017-04-21 13:42 - 2017-04-21 13:52 - 00585392 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty_cleared_v6 (1).dwg
2017-04-21 10:29 - 2017-04-21 10:29 - 00622230 _____ C:\Users\adeam\Downloads\Denis Cela I,III a koncove porty kabelaze.xlsx
2017-04-21 10:19 - 2017-04-21 10:19 - 00619469 _____ C:\Users\adeam\Downloads\IV. 1b,2 DATOVE ROZVADZACE + MATERIAL RACKY.xlsx
2017-04-19 19:08 - 2017-04-19 19:08 - 00097494 _____ C:\Users\adeam\Downloads\zsskCD (6).pdf
2017-04-19 18:55 - 2017-04-19 18:55 - 00239902 _____ C:\Users\adeam\Downloads\15152843.pdf
2017-04-19 01:29 - 2017-04-19 01:29 - 01374561 _____ C:\Users\adeam\Downloads\Riot-setup.exe
2017-04-19 01:29 - 2017-04-19 01:29 - 00000000 ____D C:\Users\adeam\AppData\Local\Riot
2017-04-19 01:29 - 2017-04-19 01:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIOT
2017-04-19 01:29 - 2017-04-19 01:29 - 00000000 ____D C:\Program Files (x86)\Riot
2017-04-19 01:22 - 2017-04-19 01:22 - 06395433 _____ C:\Users\adeam\Downloads\merge-minify-refresh.zip
2017-04-19 01:07 - 2017-04-19 01:07 - 00013843 _____ C:\Users\adeam\Downloads\predzapocet.xlsx
2017-04-19 00:58 - 2017-04-19 00:58 - 00030208 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (18).xls
2017-04-19 00:57 - 2017-04-19 00:57 - 00030208 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (17).xls
2017-04-18 19:12 - 2017-04-18 19:12 - 00258262 _____ C:\Users\adeam\Downloads\ZZ_2006_224_20161018.pdf
2017-04-18 19:11 - 2017-04-18 19:11 - 00555020 _____ C:\Users\adeam\Downloads\eID-FAQ.pdf
2017-04-18 19:10 - 2017-04-18 19:10 - 00096256 _____ C:\Users\adeam\Downloads\zsskCD (5).pdf
2017-04-18 19:08 - 2017-04-18 19:08 - 00097720 _____ C:\Users\adeam\Downloads\zsskCD (4).pdf
2017-04-18 16:27 - 2017-04-18 16:49 - 00009339 _____ C:\Users\adeam\Documents\ĹľivnosĹĄ.xlsx
2017-04-18 09:44 - 2017-04-18 09:44 - 00000000 _____ C:\Users\adeam\Downloads\stiahnuĹĄ (5)
2017-04-17 22:06 - 2017-04-17 22:06 - 03207412 _____ C:\Users\adeam\Downloads\PR09_VK (2).pptx
2017-04-17 22:02 - 2017-04-17 22:02 - 02767037 _____ C:\Users\adeam\Downloads\PR10_NaV.pptx
2017-04-17 22:02 - 2017-04-17 22:02 - 00012784 _____ C:\Users\adeam\Downloads\Účtování.xlsx
2017-04-17 15:17 - 2017-04-17 15:17 - 00006501 _____ C:\Users\adeam\Documents\nginx2.txt
2017-04-17 15:03 - 2017-04-17 15:03 - 11335696 _____ C:\Users\adeam\Downloads\knowengernetwork.sql
2017-04-17 12:16 - 2017-04-17 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-04-16 23:43 - 2017-04-16 23:43 - 00436755 _____ C:\Users\adeam\Downloads\Desktop.rar
2017-04-16 15:02 - 2017-04-16 15:02 - 01724363 _____ C:\Users\adeam\Downloads\Spolocny cennik A cast APRIL 2017.pdf
2017-04-16 15:02 - 2017-04-16 15:02 - 00139977 _____ C:\Users\adeam\Downloads\Cennik Minuty v roamingu_1.1.2016.pdf (1).pdf
2017-04-16 15:01 - 2017-04-16 15:01 - 00048464 _____ C:\Users\adeam\Downloads\Cennik sluzby Data a SMS_1.7.2013.pdf.pdf
2017-04-16 15:00 - 2017-04-16 15:00 - 00139977 _____ C:\Users\adeam\Downloads\Cennik Minuty v roamingu_1.1.2016.pdf.pdf
2017-04-16 15:00 - 2017-04-16 15:00 - 00053195 _____ C:\Users\adeam\Downloads\Cennik sluzby SMS Direct Access_15.5.2015.pdf.pdf
2017-04-16 02:06 - 2017-04-16 02:07 - 18630286 _____ C:\Users\adeam\Downloads\plugins-4.0.3.zip
2017-04-16 02:05 - 2017-04-16 02:06 - 07829415 _____ C:\Users\adeam\Downloads\wpjobster-4.0.5-ts1490016267.zip
2017-04-16 01:54 - 2017-04-16 01:54 - 00001196 _____ C:\Users\adeam\Downloads\invoice_hooks.php
2017-04-15 20:13 - 2017-04-15 20:13 - 00469789 _____ C:\Users\adeam\Downloads\wp-referral1.rar
2017-04-15 20:13 - 2017-04-15 20:13 - 00000000 ____D C:\Users\adeam\Downloads\wp-referral
2017-04-15 03:20 - 2017-04-15 03:20 - 00018041 _____ C:\Users\adeam\Downloads\2-3.pkt
2017-04-15 03:04 - 2017-04-15 03:04 - 00306176 _____ C:\Users\adeam\Downloads\Konecny_poradnik_bc_2016.xls
2017-04-15 03:03 - 2017-04-15 03:03 - 00011486 _____ C:\Users\adeam\Downloads\Tabulka_prace_leto_2017_3.kolo.xlsx
2017-04-14 18:05 - 2017-04-14 18:05 - 00030208 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (16).xls
2017-04-14 17:15 - 2017-04-24 03:47 - 00000000 ____D C:\Users\adeam\Documents\pt_projekt
2017-04-14 15:34 - 2017-04-14 15:34 - 22437506 _____ C:\Users\adeam\Downloads\komplet_FP.zip
2017-04-14 14:34 - 2017-04-14 14:34 - 00011122 _____ C:\Users\adeam\Downloads\zdrojova_data.xlsx
2017-04-14 14:33 - 2017-04-14 14:33 - 01566776 _____ C:\Users\adeam\Downloads\zadani_v2.pdf
2017-04-14 14:25 - 2017-04-14 14:25 - 00451333 _____ C:\Users\adeam\Documents\doc.pdf
2017-04-12 22:31 - 2017-04-12 22:31 - 00030208 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (15).xls
2017-04-12 16:53 - 2017-04-12 16:53 - 00022600 _____ C:\Users\adeam\Downloads\CV11.xlsm
2017-04-12 07:52 - 2017-04-12 08:07 - 01861264 _____ C:\Users\adeam\Downloads\KI projekt (PS15B).xlsx
2017-04-12 07:44 - 2017-04-12 07:44 - 01338796 _____ C:\Users\adeam\Downloads\prizemie_v2.dwg
2017-04-12 07:36 - 2017-04-12 07:36 - 00590961 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty_cleared_v7.dwg
2017-04-12 07:33 - 2017-04-12 07:33 - 00822006 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty_cleared_v6.dwg
2017-04-11 13:42 - 2017-04-11 13:42 - 01488853 _____ C:\Users\adeam\Downloads\prizemie_v0.dwg
2017-04-11 13:21 - 2017-04-11 13:21 - 00020550 _____ C:\Users\adeam\Downloads\cv11-domaci-ukol_zadani.xlsm
2017-04-11 13:21 - 2017-04-11 13:21 - 00001237 _____ C:\Users\adeam\Downloads\andel.TXT
2017-04-11 07:03 - 2017-04-11 07:03 - 01896246 _____ C:\Users\adeam\Downloads\prizemie.bak
2017-04-11 06:16 - 2017-04-11 07:16 - 02081190 _____ C:\Users\adeam\Downloads\prizemie.dwg
2017-04-11 05:44 - 2017-04-11 05:44 - 01944655 _____ C:\Users\adeam\Downloads\KI-michal_magda_origo.dwg
2017-04-11 01:14 - 2017-04-11 04:04 - 03569278 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty.bak
2017-04-11 00:57 - 2017-04-11 04:05 - 01743576 _____ C:\Users\adeam\Downloads\denisCAD_preratane pocty.dwg
2017-04-11 00:41 - 2017-04-11 00:41 - 02975159 _____ C:\Users\adeam\Downloads\denisCAD.dwg
2017-04-10 23:40 - 2017-04-10 23:40 - 00249269 _____ C:\Users\adeam\Downloads\I. 1,2 UVOD, CIEL, DEFINICE(upravne).xlsx
2017-04-10 22:54 - 2017-04-10 22:54 - 00260903 _____ C:\Users\adeam\Downloads\projekt_legit (4).xlsx
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ____D C:\Users\adeam\Tracing
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ____D C:\ProgramData\Skype
2017-04-10 22:01 - 2017-04-10 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-10 21:55 - 2017-04-10 21:55 - 01631704 _____ (Skype Technologies S.A.) C:\Users\adeam\Downloads\SkypeSetup.exe
2017-04-10 20:37 - 2017-04-10 20:37 - 00266095 _____ C:\Users\adeam\Downloads\projekt_legit (3).xlsx
2017-04-10 20:35 - 2017-04-10 20:35 - 00266095 _____ C:\Users\adeam\Downloads\projekt_legit (2).xlsx
2017-04-10 15:48 - 2017-04-10 15:48 - 00524210 _____ C:\Users\adeam\Downloads\ki-screen.pdf
2017-04-10 15:06 - 2017-04-10 16:21 - 00260842 _____ C:\Users\adeam\Downloads\projekt_legit (1).xlsx
2017-04-10 14:47 - 2017-04-10 14:47 - 01843808 _____ C:\Users\adeam\Downloads\ds_SMC8126_52L2.pdf
2017-04-10 12:18 - 2017-04-10 12:19 - 00235785 _____ C:\Users\adeam\Downloads\projekt_legit.xlsx
2017-04-09 23:47 - 2017-04-09 23:47 - 00000000 ____D C:\Users\adeam\Downloads\tfpdf
2017-04-09 23:46 - 2017-04-09 23:46 - 04723210 _____ C:\Users\adeam\Downloads\tfpdf.zip
2017-04-09 23:35 - 2017-04-09 23:35 - 00000000 ____D C:\Users\adeam\Desktop 2\tfpdf-master
2017-04-09 23:33 - 2017-04-09 23:34 - 45468916 _____ C:\Users\adeam\Downloads\tfpdf-master (1).zip
2017-04-09 23:32 - 2017-04-09 23:33 - 45354586 _____ C:\Users\adeam\Downloads\tfpdf-master.zip
2017-04-09 19:28 - 2017-04-09 19:28 - 00030208 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (14).xls
2017-04-09 19:28 - 2017-04-09 19:28 - 00024576 _____ C:\Users\adeam\Downloads\MAT2_M Cv ÄŚt 13.xls
2017-04-09 13:22 - 2017-02-20 23:12 - 00711248 _____ (Lenovo.) C:\Windows\system32\LPlatSvc.exe
2017-04-09 13:22 - 2017-02-20 23:12 - 00184400 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2017-04-09 13:22 - 2017-02-20 23:12 - 00058448 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2017-04-09 13:22 - 2017-02-20 23:11 - 00088144 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2017-04-09 13:22 - 2017-02-20 23:11 - 00082816 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2017-04-09 13:22 - 2013-11-16 04:59 - 00632168 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2017-04-09 13:22 - 2013-11-16 04:59 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2017-04-08 18:58 - 2017-04-08 18:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2017-04-07 23:45 - 2017-04-07 23:48 - 00003524 _____ C:\Users\adeam\Downloads\helvetica.php
2017-04-07 23:45 - 2017-04-07 23:45 - 00010504 _____ C:\Users\adeam\Downloads\Invoice-5455 (1).pdf
2017-04-07 23:44 - 2017-04-07 23:44 - 00010504 _____ C:\Users\adeam\Downloads\Invoice-5455.pdf
2017-04-07 00:29 - 2017-04-07 00:29 - 04625384 _____ C:\Users\adeam\Downloads\Presentace Hartmann-Rico.pptx
2017-04-07 00:25 - 2017-04-07 00:25 - 00131893 _____ C:\Users\adeam\Downloads\Techniky.pptx
2017-04-06 17:31 - 2017-04-06 17:31 - 00029184 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (13).xls
2017-04-06 16:07 - 2017-04-21 17:35 - 00868352 _____ C:\Users\adeam\Documents\KNOWENGER.mpp
2017-04-06 14:59 - 2017-04-06 14:59 - 01550735 _____ C:\Users\adeam\Downloads\wa_ct-max-multi-user-telecommunications-outlet-assembly-mutoa_ii.pdf
2017-04-06 12:11 - 2017-04-06 12:22 - 00000000 ____D C:\Users\adeam\Documents\anglicko_farma
2017-04-06 11:26 - 2017-04-06 11:26 - 00029184 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (12).xls
2017-04-05 18:59 - 2017-04-05 18:59 - 00029184 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (11).xls
2017-04-05 14:38 - 2017-04-05 14:38 - 02237191 _____ C:\Users\adeam\Downloads\denis-KI-projekt-autocad (1).bak
2017-04-05 13:03 - 2017-04-05 23:28 - 03200511 _____ C:\Users\adeam\Downloads\denis-KI-projekt-autocad (1).dwg
2017-04-05 13:03 - 2017-04-05 13:03 - 00065719 _____ C:\Users\adeam\Downloads\ki-projekt.xlsx
2017-04-05 03:41 - 2017-04-05 03:41 - 00000000 ____D C:\Users\adeam\Documents\Adobe
2017-04-05 03:33 - 2017-04-05 03:33 - 00000984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2017-04-05 03:31 - 2017-04-05 03:31 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-04-05 03:21 - 2017-04-05 03:21 - 00000000 ____D C:\Users\adeam\AppData\Local\ESET
2017-04-05 02:37 - 2017-04-05 02:37 - 03899843 _____ C:\Users\adeam\Downloads\roundcubemail-1.2.4-complete.tar.gz
2017-04-05 01:15 - 2017-04-05 01:15 - 00173377 _____ C:\Users\adeam\Downloads\Invoice_AR-2550020_07.03.2017.pdf
2017-04-05 00:50 - 2017-03-06 15:47 - 00000000 ____D C:\Users\adeam\Downloads\webmail
2017-04-05 00:45 - 2017-04-05 00:46 - 08956726 _____ C:\Users\adeam\Downloads\webmail_php.zip
2017-04-05 00:19 - 2017-04-05 00:19 - 00617451 _____ C:\Users\adeam\Documents\pricelist.pdf
2017-04-04 23:29 - 2017-04-04 23:31 - 00195353 _____ C:\Users\adeam\Documents\objMAR2017.pdf
2017-04-04 21:16 - 2017-04-04 21:16 - 00027725 _____ C:\Users\adeam\Downloads\CV10 (2).xlsm
2017-04-04 21:03 - 2017-04-04 21:03 - 00027725 _____ C:\Users\adeam\Downloads\CV10.xlsm
2017-04-04 21:03 - 2017-04-04 21:03 - 00027725 _____ C:\Users\adeam\Downloads\CV10 (1).xlsm
2017-04-04 20:29 - 2017-04-04 20:29 - 00295476 _____ C:\Users\adeam\Downloads\STUDENTSKÝ MANUÁL NA PRŮKAZY VUT 29.4.2014.pdf
2017-04-04 17:41 - 2017-04-04 17:41 - 00116736 ___SH C:\Users\adeam\Thumbs.db
2017-04-04 11:22 - 2017-04-05 03:17 - 01839315 _____ C:\Users\adeam\Downloads\KiÄŤkoPROJEKT.xlsx
2017-04-04 11:19 - 2017-04-05 03:26 - 00000000 ____D C:\Users\adeam\Downloads\Adobe Photoshop Lightroom 6.0 2015
2017-04-04 11:17 - 2017-04-04 11:17 - 00002679 _____ C:\Users\adeam\Desktop 2\BitTorrent.lnk
2017-04-04 11:17 - 2017-04-04 11:17 - 00002679 _____ C:\Users\adeam\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-04-04 11:17 - 2017-04-04 11:17 - 00000000 ____D C:\Users\adeam\AppData\LocalLow\BitTorrent
2017-04-04 11:16 - 2017-04-25 12:33 - 00000000 ____D C:\Users\adeam\AppData\Roaming\BitTorrent
2017-04-04 11:15 - 2017-04-04 11:15 - 02239176 _____ (BitTorrent Inc.) C:\Users\adeam\Downloads\BitTorrent.exe
2017-04-04 11:13 - 2017-04-04 11:13 - 00016810 _____ C:\Users\adeam\Downloads\[CzT]Adobe_Photoshop_Lightroom_6_0_2015_.torrent
2017-04-04 09:51 - 2017-04-04 09:51 - 00050876 _____ C:\Users\adeam\Documents\pt_cvicenie_8_baliak.xlsm
2017-04-04 09:44 - 2017-04-04 09:49 - 00047096 _____ C:\Users\adeam\Downloads\nove cviko (1).xlsm
2017-04-04 09:35 - 2017-04-04 09:35 - 00050940 _____ C:\Users\adeam\Downloads\cv09-zadani_strukturovane-datove-typy_v2 (2).xlsm
2017-04-04 09:34 - 2017-04-04 09:42 - 00048757 _____ C:\Users\adeam\Downloads\nove cviko.xlsm
2017-04-03 23:34 - 2017-04-03 23:34 - 00072899 _____ C:\Users\adeam\Downloads\14894106.pdf
2017-04-03 22:32 - 2017-04-03 22:32 - 00098303 _____ C:\Users\adeam\Downloads\zsskCD (2).pdf
2017-04-03 22:32 - 2017-04-03 22:32 - 00097134 _____ C:\Users\adeam\Downloads\zsskCD (3).pdf
2017-04-03 22:32 - 2017-04-03 22:32 - 00097033 _____ C:\Users\adeam\Downloads\zsskCD (1).pdf
2017-04-03 22:30 - 2017-04-03 22:30 - 00097150 _____ C:\Users\adeam\Downloads\zsskCD.pdf
2017-04-03 13:08 - 2017-04-21 13:52 - 00000000 ____D C:\Users\adeam\Documents\KIÄŤko
2017-04-03 12:46 - 2017-04-04 11:21 - 02507264 _____ C:\Users\adeam\Downloads\Projekt MU-vzor v1.01 (3).xls
2017-04-03 12:45 - 2017-04-03 12:45 - 00013161 _____ C:\Users\adeam\Downloads\KI-rozpis terminu-2017-V2.01.pdf
2017-04-03 00:52 - 2017-04-03 00:52 - 01031680 _____ C:\Users\adeam\Downloads\P13 PHP a MySQL.ppt
2017-04-02 14:28 - 2017-04-02 14:28 - 00245274 _____ C:\Users\adeam\Documents\14865964.pdf
2017-04-02 14:17 - 2017-04-02 14:17 - 00245274 _____ C:\Users\adeam\Downloads\14865964.pdf
2017-04-02 11:01 - 2017-04-02 11:01 - 00009485 _____ C:\Users\adeam\Downloads\CAS-UTOKU.xlsx
2017-03-31 18:55 - 2017-03-31 18:55 - 03877343 _____ C:\Users\adeam\Downloads\PR08_DM (1).pptx
2017-03-31 17:36 - 2017-03-31 17:38 - 00015384 _____ C:\Users\adeam\Documents\proforma_samo.xlsx
2017-03-30 12:40 - 2017-03-30 12:40 - 00147533 _____ C:\Users\adeam\Downloads\November_2016.pdf
2017-03-30 12:39 - 2017-03-30 12:39 - 00147563 _____ C:\Users\adeam\Downloads\Marec_2017.pdf
2017-03-30 12:17 - 2017-03-30 12:17 - 00028672 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (10).xls
2017-03-28 15:05 - 2017-03-28 15:06 - 03877343 _____ C:\Users\adeam\Downloads\PR08_DM.pptx
2017-03-28 09:52 - 2017-03-28 09:52 - 00028672 _____ C:\Users\adeam\Downloads\MAT2_M Cv St 15 (9).xls
2017-03-28 01:48 - 2017-03-28 01:48 - 00000000 ____D C:\Users\adeam\AppData\Roaming\.mono
2017-03-28 01:48 - 2017-03-28 01:48 - 00000000 ____D C:\Users\adeam\AppData\LocalLow\Blizzard Entertainment
2017-03-28 01:48 - 2017-03-28 01:48 - 00000000 ____D C:\Users\adeam\AppData\Local\Blizzard
2017-03-28 01:48 - 2017-03-28 01:48 - 00000000 ____D C:\ProgramData\.mono
2017-03-28 01:47 - 2017-03-28 01:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-03-28 01:45 - 2017-03-28 01:47 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2017-03-28 01:43 - 2017-03-28 01:43 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-03-28 01:39 - 2017-03-30 16:27 - 00000000 ____D C:\Users\adeam\AppData\Local\Battle.net
2017-03-28 01:39 - 2017-03-28 01:39 - 00000000 ____D C:\Users\adeam\AppData\Local\Blizzard Entertainment
2017-03-28 01:39 - 2017-03-28 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-03-28 01:38 - 2017-03-28 01:43 - 00000000 ____D C:\Program Files (x86)\Blizzard App
2017-03-28 01:35 - 2017-03-28 01:43 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Battle.net
2017-03-28 01:34 - 2017-03-28 01:35 - 00000000 ____D C:\ProgramData\Battle.net
2017-03-28 01:31 - 2017-03-28 01:31 - 03319280 _____ (Blizzard Entertainment) C:\Users\adeam\Downloads\Hearthstone-Setup.exe
2017-03-27 14:28 - 2017-03-27 14:28 - 00296068 _____ C:\Users\adeam\Documents\PT-BaliakAdam-161125.pdf
2017-03-27 14:16 - 2017-03-27 14:16 - 00408117 ____T C:\Users\adeam\Documents\leviton.pdf
2017-03-27 14:16 - 2017-03-27 14:16 - 00281360 _____ C:\Users\adeam\Documents\asdadad
2017-03-27 14:16 - 2017-03-27 14:16 - 00016814 _____ C:\Users\adeam\Documents\PT-BaliakAdam-161125.xlsx
2017-03-27 14:16 - 2017-03-27 14:16 - 00000000 ____D C:\Users\adeam\AppData\LocalLow\Temp
2017-03-27 12:15 - 2017-03-27 12:15 - 00026624 _____ C:\Users\adeam\Downloads\df01a.xls

FRST LOG 1 / 2
Obrázek

Uživatelský avatar
adeam
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 137
Registrován: 11 zář 2009 15:17
Bydliště: Poprad
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#2 Příspěvek od adeam »

FRST 2/2

Kód: Vybrat vše

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-26 17:16 - 2017-02-01 23:14 - 00000000 ____D C:\Users\adeam\Desktop 2
2017-04-26 17:06 - 2009-07-14 06:45 - 00022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-26 17:06 - 2009-07-14 06:45 - 00022768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-26 17:05 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-26 17:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-04-26 17:04 - 2017-01-04 18:50 - 00000000 ____D C:\Users\adeam\AppData\Local\Google
2017-04-26 17:03 - 2017-01-04 19:04 - 00000000 ____D C:\Users\adeam\AppData\Local\Deployment
2017-04-26 17:01 - 2017-02-03 18:41 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Telegram Desktop
2017-04-26 17:01 - 2017-01-15 14:20 - 00000270 _____ C:\Windows\Tasks\Lenovo Active Protection System.job
2017-04-26 17:01 - 2017-01-06 02:43 - 00000000 ___RD C:\Users\adeam\OneDrive
2017-04-26 17:01 - 2017-01-04 19:18 - 00000000 __SHD C:\Users\adeam\IntelGraphicsProfiles
2017-04-26 16:58 - 2017-01-22 13:14 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2017-04-26 16:58 - 2017-01-22 13:14 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-3770857571-1092624148-1139369411-1000.job
2017-04-26 16:58 - 2017-01-04 19:29 - 00000000 ____D C:\ProgramData\Synaptics
2017-04-26 16:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-26 16:03 - 2017-02-22 23:23 - 00003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-26 16:03 - 2017-01-16 14:39 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-26 16:03 - 2017-01-04 18:50 - 00003370 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-26 16:03 - 2017-01-04 18:50 - 00003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-26 16:02 - 2017-01-22 13:14 - 00003398 _____ C:\Windows\System32\Tasks\update-sys
2017-04-26 16:02 - 2017-01-22 13:14 - 00003376 _____ C:\Windows\System32\Tasks\update-S-1-5-21-3770857571-1092624148-1139369411-1000
2017-04-26 16:02 - 2017-01-04 18:50 - 00003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1483548606
2017-04-26 14:18 - 2017-01-04 16:05 - 00000000 ____D C:\Users\adeam
2017-04-26 01:41 - 2017-01-04 19:14 - 00000000 ____D C:\Users\adeam\AppData\Roaming\TS3Client
2017-04-25 17:11 - 2017-01-04 18:50 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-25 13:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-04-25 12:33 - 2017-02-14 05:33 - 00000000 ____D C:\Program Files (x86)\Connectify
2017-04-25 12:33 - 2017-02-10 13:15 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-25 12:33 - 2017-02-09 22:32 - 00000000 ____D C:\Users\adeam\AppData\Roaming\TeamViewer
2017-04-25 12:33 - 2017-01-06 17:47 - 00000000 ____D C:\Users\adeam\AppData\Roaming\MPC-HC
2017-04-25 12:33 - 2017-01-04 16:11 - 00000000 ____D C:\Users\adeam\AppData\Roaming\DAEMON Tools Lite
2017-04-25 12:09 - 2017-01-16 15:11 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Dexpot
2017-04-25 12:09 - 2017-01-04 19:18 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-04-25 12:07 - 2009-07-14 06:45 - 05130056 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-25 12:06 - 2016-09-05 10:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-04-25 12:06 - 2016-09-05 10:59 - 00000000 ____D C:\Windows\system32\appraiser
2017-04-25 12:01 - 2017-01-04 15:58 - 00765700 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-04-25 11:54 - 2017-01-04 19:38 - 00003020 _____ C:\Windows\System32\Tasks\PMTask
2017-04-25 11:54 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2017-04-25 10:51 - 2017-01-16 00:16 - 00000498 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-04-25 10:45 - 2017-01-05 14:01 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Spotify
2017-04-25 09:30 - 2017-01-25 18:30 - 00000600 _____ C:\Users\adeam\AppData\Roaming\winscp.rnd
2017-04-24 21:54 - 2017-01-28 13:01 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Messenger for Desktop
2017-04-24 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-23 09:29 - 2017-02-01 23:12 - 00000000 ____D C:\Users\adeam\Desktop 3
2017-04-21 17:55 - 2017-03-19 22:42 - 00000000 ____D C:\Users\adeam\Downloads\Telegram Desktop
2017-04-21 17:54 - 2017-02-01 23:13 - 00000000 ____D C:\Users\adeam\Desktop 5
2017-04-21 16:55 - 2017-01-05 14:01 - 00000000 ____D C:\Users\adeam\AppData\Local\Spotify
2017-04-21 14:21 - 2017-02-01 23:13 - 00000000 ____D C:\Users\adeam\Desktop 4
2017-04-19 21:11 - 2017-02-08 14:14 - 00000600 _____ C:\Users\adeam\AppData\Local\PUTTY.RND
2017-04-17 12:16 - 2017-01-22 13:14 - 00000424 _____ C:\Users\adeam\AppData\Local\UserProducts.xml
2017-04-14 20:09 - 2017-02-22 23:21 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Skype
2017-04-12 10:43 - 2017-01-06 02:43 - 00002164 _____ C:\Users\adeam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-04-12 08:41 - 2017-01-04 19:14 - 00000000 ____D C:\Users\adeam\AppData\Local\TeamSpeak 3 Client
2017-04-11 15:42 - 2017-01-16 14:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-10 21:59 - 2017-01-04 19:13 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-10 13:00 - 2017-01-15 13:47 - 02507776 _____ C:\Users\adeam\Downloads\Projekt MU-vzor v1.01.xls
2017-04-09 13:27 - 2017-01-04 19:18 - 00016582 _____ C:\Windows\system32\results.xml
2017-04-09 13:21 - 2017-01-15 14:20 - 00002660 _____ C:\Windows\System32\Tasks\Lenovo Active Protection System
2017-04-06 16:09 - 2017-01-06 02:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-05 21:18 - 2017-03-26 13:31 - 00001456 _____ C:\Users\adeam\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-04-05 03:41 - 2017-01-04 16:06 - 00000000 ____D C:\Users\adeam\AppData\Roaming\Adobe
2017-04-05 03:37 - 2017-01-04 18:50 - 00000000 ____D C:\Users\adeam\AppData\Local\Adobe
2017-04-05 03:37 - 2017-01-04 18:50 - 00000000 ____D C:\ProgramData\Adobe
2017-04-05 03:33 - 2017-03-26 11:34 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-04-05 03:32 - 2017-03-26 11:33 - 00000000 ____D C:\Program Files\Adobe
2017-04-05 03:21 - 2017-01-04 18:50 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-05 03:14 - 2017-02-23 21:28 - 00020738 _____ C:\Users\adeam\Documents\proforma.xlsx
2017-04-04 23:28 - 2017-01-04 16:05 - 00000000 ____D C:\Users\adeam\AppData\Local\VirtualStore
2017-04-02 14:42 - 2017-01-28 13:01 - 00000000 ____D C:\Users\adeam\AppData\Local\messengerfordesktop
2017-04-02 14:42 - 2017-01-12 13:51 - 00000000 ____D C:\Users\adeam\AppData\Local\SquirrelTemp

==================== Files in the root of some directories =======

2017-01-25 18:30 - 2017-04-25 09:30 - 0000600 _____ () C:\Users\adeam\AppData\Roaming\winscp.rnd
2017-03-26 13:31 - 2017-04-05 21:18 - 0001456 _____ () C:\Users\adeam\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-02-08 14:14 - 2017-04-19 21:11 - 0000600 _____ () C:\Users\adeam\AppData\Local\PUTTY.RND
2017-04-25 12:04 - 2017-04-25 12:04 - 0000017 _____ () C:\Users\adeam\AppData\Local\resmon.resmoncfg
2017-01-22 13:14 - 2017-01-22 13:14 - 0000003 _____ () C:\Users\adeam\AppData\Local\updater.log
2017-01-22 13:14 - 2017-04-17 12:16 - 0000424 _____ () C:\Users\adeam\AppData\Local\UserProducts.xml
2017-01-04 19:16 - 2017-01-04 19:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-23 16:43

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:124.9 GB) (Free:7.94 GB) NTFS
Drive d: (adeam_RED) (Fixed) (Total:931.48 GB) (Free:6.04 GB) NTFS

Available physical RAM: 8840.54 MB
Total physical RAM: 11970.7 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 7730C77E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=34.2 GB) - (Type=83)
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Lenovo Active Protection System.job => C:\Windows\system32\TpShUI.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3770857571-1092624148-1139369411-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\adeam\Desktop" je 2990 MB.
 
 
***** Startup Programs *****
 
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager
"C:\Users\adeam\AppData\Local\Akamai\netsession_win.exe"  

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Desktop App
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"C:\Users\adeam\AppData\Local\messengerfordesktop\Update.exe" --processStart "Messenger for Desktop.exe" --process-start-args "--os-startup" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger for Desktop
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
"C:\Program Files (x86)\Toastify\Toastify.exe" 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toastify
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
ECHO is off.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^adeam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do aplik cie OneNote.lnk
C:\PROGRA~2\MICROS~2\root\Office16\ONENOTEM.EXE /tsr [x]

 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0
    DoNotAllowExceptions    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================
Přílohy
Addition.zip
FRST Addition.txt
(14.54 KiB) Staženo 163 x
Obrázek

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
adeam
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 137
Registrován: 11 zář 2009 15:17
Bydliště: Poprad
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#4 Příspěvek od adeam »

Kód: Vybrat vše

# AdwCleaner v6.046 - *Logfile created 26/04/2017 *at 17:38:00
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-04-25.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : adeam - ADEAM-PC
# *Running from : C:\Users\adeam\Downloads\adwcleaner_6.046.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

*No malicious services found.


***** [ *Folders ] *****

*No malicious folders found.


***** [ *Files ] *****

*No malicious files found.


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*No malicious task found.


***** [ *Registry ] *****

*No malicious registry entries found.


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1040 *Bytes] - [26/04/2017 17:38:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1114 *Bytes] ##########
Obrázek

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#5 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\adeam\AppData\Local\Akamai
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8bc-d285-11e6-9766-dab65e140350} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8d7-d285-11e6-9766-dab65e140350} - E:\DriverPackSolution.exe
GroupPolicy: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000Core

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
adeam
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 137
Registrován: 11 zář 2009 15:17
Bydliště: Poprad
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#6 Příspěvek od adeam »

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-04-2017
Ran by adeam (26-04-2017 17:58:39) Run:1
Running from C:\Users\adeam\Desktop
Loaded Profiles: adeam (Available Profiles: adeam)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\adeam\AppData\Local\Akamai
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8bc-d285-11e6-9766-dab65e140350} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\...\MountPoints2: {056ea8d7-d285-11e6-9766-dab65e140350} - E:\DriverPackSolution.exe
GroupPolicy: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000Core

EmptyTemp:
End
*****************

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\adeam\AppData\Local\Akamai => moved successfully
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{056ea8bc-d285-11e6-9766-dab65e140350} => key removed successfully
HKCR\CLSID\{056ea8bc-d285-11e6-9766-dab65e140350} => key not found. 
HKU\S-1-5-21-3770857571-1092624148-1139369411-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{056ea8d7-d285-11e6-9766-dab65e140350} => key removed successfully
HKCR\CLSID\{056ea8d7-d285-11e6-9766-dab65e140350} => key not found. 
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000UA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3770857571-1092624148-1139369411-1000Core => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6719622 B
Java, Flash, Steam htmlcache => 75023683 B
Windows/system/drivers => 3119167 B
Edge => 0 B
Chrome => 814885250 B
Firefox => 10900294 B
Opera => 140288 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 29344 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
systemprofile32 => 971869 B
LocalService => 0 B
NetworkService => 328194 B
adeam => 41207430 B

RecycleBin => 17674 B
EmptyTemp: => 917.2 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-04-2017 18:00:58)

C:\ProgramData\DP45977C.lfl => moved successfully

==== End of Fixlog 18:00:58 ====
Obrázek

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#7 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
adeam
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 137
Registrován: 11 zář 2009 15:17
Bydliště: Poprad
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#8 Příspěvek od adeam »

no zatial som od posledneho restartu (pri vymaze) nespozoroval ziadne zamrznutie, este to otestujem :)
co sa tyka tych ostatnych problemov, tak to už si nejako poriešim :)

inak to bolo tam nieco? v tom co sa mazalo?

zatial dakujem :)

ad
Obrázek

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pravidelne mrznutie, divne(podozrive) spravanie sa ntb

#9 Příspěvek od Rudy »

Zkuste přeinstalovat ovladač wifi adaptétu. Byly tam převážně zbytečnosti.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět