Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Prosím o preventivku

#1 Příspěvek od kodl74 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Karlíkxy at 2019-02-18 00:37:39
Microsoft Windows 10 Pro
System drive C: has 583 GB (61%) free of 953 GB
Total RAM: 16382 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:37:43, on 18.02.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files\trend micro\Karlíkxy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files (x86)\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [EsetPasswordManager] C:\Program Files\ESET\ESET Password Manager\pwm.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [Nexus-Ultimate] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DESlock+ Service (dlpsrv) - DESlock Limited. - C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Winstep Xtreme Service - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10985 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
"C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
dashost.exe {fc6df548-007b-4802-9f159c87f0ec9d61}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqddsvc
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Winstep\WsxService"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\SysWOW64\svchost.exe -k hpdevmgmt -s hpqcxs08
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc


C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe" autostart
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\KARLKX~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --enable-features=FixAltGraph --no-sandbox --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=3CB54E36B0D782925A37D0736ACBCE8C --mojo-platform-channel-handle=2152 /prefetch:2
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --autoplay-policy=no-user-gesture-required --ms-disable-indexeddb-transaction-timeout --no-sandbox --enable-features=FixAltGraph --service-pipe-token=C97FAF74E641242B499CB9314B5B3A50 --lang=cs --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --background-color=#fff --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=C97FAF74E641242B499CB9314B5B3A50 --renderer-client-id=4 --mojo-platform-channel-handle=2592 /prefetch:1 --skype-process-type=Main
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe" "C:\Users\KARLKX~1\AppData\Local\Temp\[CzT]Bitva_o_Moskvu_Dvadcat_vosem_panfilovcev_2016_CZ_.torrent"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\ESET\ESET Security\eOPPFrame.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\AUDIODG.EXE 0x69c
"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Karlíkxy\Desktop\Bordel z plochy\ŽM3seie\Živí mrtví.S03E02.Hnus.DVDrip.CZ.avi"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6552.0.719966170\767303937" -parentBuildID 20190211233335 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - "C:\Users\Karlíkxy\AppData\LocalLow\Mozilla\Temp-{c8152227-bdeb-4865-92bf-d3a2699e350f}" 6552 "\\.\pipe\gecko-crash-server-pipe.6552" 1616 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6552.6.1269318099\785363471" -childID 1 -isForBrowser -prefsHandle 2296 -prefMapHandle 2380 -prefsLen 1 -prefMapSize 188531 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6552 "\\.\pipe\gecko-crash-server-pipe.6552" 2476 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6552.13.877637786\191285307" -childID 2 -isForBrowser -prefsHandle 1932 -prefMapHandle 3404 -prefsLen 79 -prefMapSize 188531 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6552 "\\.\pipe\gecko-crash-server-pipe.6552" 3416 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6552.20.15326191\1022310267" -childID 3 -isForBrowser -prefsHandle 3844 -prefMapHandle 3808 -prefsLen 173 -prefMapSize 188531 -schedulerPrefs 0001,2 -parentBuildID 20190211233335 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 6552 "\\.\pipe\gecko-crash-server-pipe.6552" 3924 tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe48_ Global\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 776 780 788 8192 784
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Karlíkxy\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK

=========Mozilla firefox=========

ProfilePath - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll


C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-11 203352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02 150616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"egui"=C:\Program Files\ESET\ESET Security\ecmdS.exe [2018-12-14 177928]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13 2675176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2018-09-15 27860280]
"EsetPasswordManager"=C:\Program Files\ESET\ESET Password Manager\pwm.exe [2018-09-24 94152]
"cz.seznam.software.autoupdate"=C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2019-02-08 53540200]
"Nexus-Ultimate"=C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [2018-06-03 14688896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VICTORY Gaming Keyboard"=C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [2013-11-11 270336]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2018-03-27 1069296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-18 00:37:39 ----D---- C:\rsit
2019-02-18 00:37:39 ----D---- C:\Program Files\trend micro
2019-02-16 15:38:49 ----D---- C:\WINDOWS\LastGood.Tmp
2019-02-14 20:55:42 ----D---- C:\Program Files (x86)\HiSuite
2019-02-14 10:31:14 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2019-02-14 10:31:14 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-14 10:31:14 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-14 10:31:07 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2019-02-14 10:31:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-02-14 10:31:05 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2019-02-14 10:31:05 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-02-14 10:31:03 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-02-14 10:31:03 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-02-14 10:31:02 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-02-14 10:31:02 ----A---- C:\WINDOWS\SYSWOW64\msrd2x40.dll
2019-02-14 10:31:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2019-02-14 10:31:02 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-02-14 10:31:01 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-02-14 10:31:00 ----A---- C:\WINDOWS\system32\msi.dll
2019-02-14 10:30:59 ----A---- C:\WINDOWS\system32\jscript9.dll
2019-02-14 10:30:59 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-02-14 10:30:57 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-02-14 10:30:56 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-02-14 10:30:54 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-14 10:30:54 ----A---- C:\WINDOWS\system32\StorSvc.dll
2019-02-14 10:30:54 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-02-14 10:30:53 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-02-14 10:30:52 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-14 10:30:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-02-14 10:30:47 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2019-02-14 10:30:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-02-14 10:30:47 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-02-14 10:30:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-14 10:30:46 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-02-14 10:30:46 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\wininet.dll
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\mf3216.dll
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-02-14 10:30:45 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2019-02-14 10:30:44 ----A---- C:\WINDOWS\system32\npmproxy.dll
2019-02-14 10:30:44 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2019-02-14 10:30:44 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-02-14 10:30:44 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2019-02-14 10:30:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-02-14 10:30:42 ----A---- C:\WINDOWS\system32\win32k.sys
2019-02-14 10:30:42 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-02-14 10:30:42 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2019-02-14 10:30:41 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-02-14 10:30:40 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2019-02-14 10:30:40 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-14 10:30:40 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-02-14 10:30:40 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-02-14 10:30:40 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-02-14 10:30:39 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-02-14 10:30:39 ----A---- C:\WINDOWS\SYSWOW64\NtlmShared.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\SYSWOW64\npmproxy.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\system32\NtlmShared.dll
2019-02-14 10:30:39 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-02-14 10:30:38 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2019-02-14 10:30:38 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-02-14 10:30:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-02-14 10:30:38 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-02-14 10:30:38 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2019-02-09 12:52:25 ----SHD---- C:\Recovery
2019-02-09 12:48:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-09 12:41:51 ----ASH---- C:\hiberfil.sys
2019-02-09 12:36:10 ----SD---- C:\Users\Karlíkxy\AppData\Roaming\Microsoft
2019-02-09 12:35:02 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2019-02-09 12:35:01 ----D---- C:\Program Files (x86)\VulkanRT
2019-02-09 12:35:01 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2019-02-09 12:35:01 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2019-02-09 12:35:01 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2019-02-09 12:35:01 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2019-02-09 12:34:47 ----A---- C:\WINDOWS\system32\OpenCL.dll
2019-02-09 12:34:14 ----D---- C:\ProgramData\USOShared
2019-02-09 12:34:09 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2019-02-09 12:31:52 ----D---- C:\WINDOWS\Prefetch
2019-02-09 12:30:52 ----D---- C:\WINDOWS\system32\SleepStudy
2019-02-09 12:30:48 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-09 12:29:46 ----D---- C:\Windows.old
2019-02-09 12:09:13 ----AS---- C:\WINDOWS\bootstat.dat
2019-02-09 12:08:35 ----D---- C:\WINDOWS\system32\Microsoft
2019-02-09 12:08:35 ----D---- C:\WINDOWS\ServiceProfiles
2019-02-09 12:05:21 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2019-02-09 12:05:20 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2019-02-09 12:05:19 ----A---- C:\WINDOWS\system32\wmp.dll
2019-02-09 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\wmpshell.dll
2019-02-09 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\wmpdxm.dll
2019-02-09 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2019-02-09 12:05:18 ----A---- C:\WINDOWS\system32\wmpshell.dll
2019-02-09 12:05:18 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2019-02-09 12:05:17 ----A---- C:\WINDOWS\SYSWOW64\wmpeffects.dll
2019-02-09 12:05:17 ----A---- C:\WINDOWS\system32\wmpeffects.dll
2019-02-09 12:05:11 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2019-02-09 12:05:11 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2019-02-09 12:05:11 ----A---- C:\WINDOWS\system32\rdpshell.exe
2019-02-09 12:05:11 ----A---- C:\WINDOWS\system32\rdpinit.exe
2019-02-09 12:05:11 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2019-02-09 12:05:11 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-09 12:05:10 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2019-02-09 12:05:10 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2019-02-09 12:05:10 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2019-02-09 12:05:10 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2019-02-09 12:05:09 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2019-02-09 12:05:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2019-02-09 12:05:08 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2019-02-09 12:05:08 ----A---- C:\WINDOWS\system32\mfps.dll
2019-02-09 12:05:08 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-09 12:05:08 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2019-02-09 12:05:07 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2019-02-09 12:05:07 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-02-09 12:05:06 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2019-02-09 12:05:06 ----A---- C:\WINDOWS\system32\mfsvr.dll
2019-02-09 12:05:06 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-09 12:05:05 ----A---- C:\WINDOWS\system32\tellib.dll
2019-02-09 12:05:05 ----A---- C:\WINDOWS\system32\drivers\mssecflt.sys
2019-02-09 12:05:04 ----A---- C:\WINDOWS\system32\bdesvc.dll
2019-02-09 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2019-02-09 12:05:03 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2019-02-09 12:04:58 ----RA---- C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-02-09 12:04:58 ----RA---- C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-02-09 12:04:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-09 12:04:58 ----A---- C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-09 12:04:58 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2019-02-09 12:04:56 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-09 12:04:56 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-02-09 12:04:55 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2019-02-09 12:04:55 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-02-09 12:04:55 ----A---- C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-09 12:04:55 ----A---- C:\WINDOWS\system32\AssignedAccessManager.dll
2019-02-09 12:04:53 ----A---- C:\WINDOWS\SYSWOW64\wscinterop.dll
2019-02-09 12:04:51 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2019-02-09 12:04:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2019-02-09 12:04:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2019-02-09 12:04:51 ----A---- C:\WINDOWS\SYSWOW64\perfts.dll
2019-02-09 12:04:50 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2019-02-09 12:04:49 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2019-02-09 12:04:48 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2019-02-09 12:04:47 ----A---- C:\WINDOWS\SYSWOW64\regedit.exe
2019-02-09 12:04:47 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2019-02-09 12:04:46 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2019-02-09 12:04:45 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-02-09 12:04:41 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2019-02-09 12:04:41 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2019-02-09 12:04:41 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2019-02-09 12:04:41 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2019-02-09 12:04:41 ----A---- C:\WINDOWS\SYSWOW64\CastingShellExt.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\wwansvc.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\wscinterop.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\sysmain.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\SpaceControl.dll
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\SpaceAgent.exe
2019-02-09 12:04:34 ----A---- C:\WINDOWS\system32\ProvSysprep.dll
2019-02-09 12:04:33 ----A---- C:\WINDOWS\system32\perfts.dll
2019-02-09 12:04:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2019-02-09 12:04:33 ----A---- C:\WINDOWS\system32\AcGenral.dll
2019-02-09 12:04:32 ----A---- C:\WINDOWS\system32\termsrv.dll
2019-02-09 12:04:32 ----A---- C:\WINDOWS\system32\PktMon.exe
2019-02-09 12:04:32 ----A---- C:\WINDOWS\system32\nlahc.dll
2019-02-09 12:04:32 ----A---- C:\WINDOWS\system32\CPFilters.dll
2019-02-09 12:04:32 ----A---- C:\WINDOWS\system32\AcLayers.dll
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\systemreset.exe
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\reseteng.dll
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\FSClient.dll
2019-02-09 12:04:30 ----A---- C:\WINDOWS\system32\FrameServer.dll
2019-02-09 12:04:29 ----A---- C:\WINDOWS\system32\wsp_health.dll
2019-02-09 12:04:29 ----A---- C:\WINDOWS\system32\offreg.dll
2019-02-09 12:04:28 ----A---- C:\WINDOWS\regedit.exe
2019-02-09 12:04:27 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2019-02-09 12:04:27 ----A---- C:\WINDOWS\system32\msisip.dll
2019-02-09 12:04:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-02-09 12:04:20 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2019-02-09 12:04:19 ----A---- C:\WINDOWS\system32\iscsiwmi.dll
2019-02-09 12:04:19 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2019-02-09 12:04:18 ----A---- C:\WINDOWS\system32\jscript.dll
2019-02-09 12:04:15 ----A---- C:\WINDOWS\system32\ClipUp.exe
2019-02-09 12:04:15 ----A---- C:\WINDOWS\system32\CastingShellExt.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\spacebridge.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\resutils.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\mispace.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\discan.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\defragsvc.dll
2019-02-09 12:04:14 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-02-09 12:04:13 ----A---- C:\WINDOWS\SYSWOW64\scrrun.dll
2019-02-09 12:04:13 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-09 12:04:13 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2019-02-09 12:04:12 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-02-09 12:04:12 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2019-02-09 12:04:11 ----A---- C:\WINDOWS\SYSWOW64\xpsservices.dll
2019-02-09 12:04:11 ----A---- C:\WINDOWS\SYSWOW64\setupcln.dll
2019-02-09 12:04:10 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2019-02-09 12:04:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-02-09 12:04:10 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2019-02-09 12:04:09 ----A---- C:\WINDOWS\SYSWOW64\prnntfy.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\rasppp.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2019-02-09 12:04:08 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-02-09 12:04:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2019-02-09 12:04:07 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-02-09 12:04:07 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2019-02-09 12:04:07 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-02-09 12:04:07 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\nslookup.exe
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\fdBth.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2019-02-09 12:04:06 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2019-02-09 12:04:05 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2019-02-09 12:03:59 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2019-02-09 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2019-02-09 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2019-02-09 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2019-02-09 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2019-02-09 12:03:57 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2019-02-09 12:03:57 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-02-09 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-09 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2019-02-09 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2019-02-09 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2019-02-09 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2019-02-09 12:03:55 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2019-02-09 12:03:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2019-02-09 12:03:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Diagnostics.dll
2019-02-09 12:03:54 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2019-02-09 12:03:54 ----A---- C:\WINDOWS\SYSWOW64\coml2.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2019-02-09 12:03:53 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\windows.applicationmodel.datatransfer.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2019-02-09 12:03:52 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2019-02-09 12:03:51 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2019-02-09 12:03:51 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2019-02-09 12:03:51 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2019-02-09 12:03:51 ----A---- C:\WINDOWS\SYSWOW64\spopk.dll
2019-02-09 12:03:51 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2019-02-09 12:03:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-02-09 12:03:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2019-02-09 12:03:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-09 12:03:49 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2019-02-09 12:03:49 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2019-02-09 12:03:48 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2019-02-09 12:03:48 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2019-02-09 12:03:48 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2019-02-09 12:03:48 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2019-02-09 12:03:48 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2019-02-09 12:03:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-09 12:03:47 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2019-02-09 12:03:47 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2019-02-09 12:03:47 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-02-09 12:03:46 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-02-09 12:03:46 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-02-09 12:03:46 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-09 12:03:46 ----A---- C:\WINDOWS\system32\policymanager.dll
2019-02-09 12:03:46 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2019-02-09 12:03:45 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-02-09 12:03:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-02-09 12:03:45 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-02-09 12:03:44 ----A---- C:\WINDOWS\system32\wincredui.dll
2019-02-09 12:03:43 ----A---- C:\WINDOWS\system32\nslookup.exe
2019-02-09 12:03:34 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2019-02-09 12:03:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2019-02-09 12:03:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2019-02-09 12:03:33 ----A---- C:\WINDOWS\system32\ntdll.dll
2019-02-09 12:03:21 ----A---- C:\WINDOWS\system32\kdnet.dll
2019-02-09 12:03:21 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2019-02-09 12:03:21 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\smss.exe
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2019-02-09 12:03:20 ----A---- C:\WINDOWS\system32\dab.dll
2019-02-09 12:03:19 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-02-09 12:03:19 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2019-02-09 12:03:19 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2019-02-09 12:03:19 ----A---- C:\WINDOWS\system32\themeui.dll
2019-02-09 12:03:18 ----A---- C:\WINDOWS\system32\uDWM.dll
2019-02-09 12:03:18 ----A---- C:\WINDOWS\system32\twinui.dll
2019-02-09 12:03:17 ----A---- C:\WINDOWS\system32\zipfldr.dll
2019-02-09 12:03:17 ----A---- C:\WINDOWS\system32\wisp.dll
2019-02-09 12:03:17 ----A---- C:\WINDOWS\system32\mfc42.dll
2019-02-09 12:03:17 ----A---- C:\WINDOWS\system32\dwmcore.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\winresume.exe
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\winload.exe
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\uReFS.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\ubpm.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\spopk.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\schedsvc.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\refsutil.exe
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\mfc42u.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\kernel32.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\fdBth.dll
2019-02-09 12:03:16 ----A---- C:\WINDOWS\system32\drivers\fileinfo.sys
2019-02-09 12:03:15 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2019-02-09 12:03:15 ----A---- C:\WINDOWS\system32\ole32.dll
2019-02-09 12:03:15 ----A---- C:\WINDOWS\system32\apphelp.dll
2019-02-09 12:03:14 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-09 12:03:11 ----A---- C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\NotificationController.dll
2019-02-09 12:03:10 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2019-02-09 12:03:09 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-09 12:03:09 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-09 12:03:09 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-09 12:03:09 ----A---- C:\WINDOWS\system32\PhoneService.dll
2019-02-09 12:03:08 ----A---- C:\WINDOWS\system32\shell32.dll
2019-02-09 12:03:08 ----A---- C:\WINDOWS\system32\setupcln.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\sppsvc.exe
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\sppcext.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\scrrun.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\rasppp.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\rasmans.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\rasman.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\rascustom.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\rasapi32.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\prnntfy.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\pidgenx.dll
2019-02-09 12:03:07 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\vpnike.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\nlaapi.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\ncsi.dll
2019-02-09 12:03:06 ----A---- C:\WINDOWS\system32\mprddm.dll
2019-02-09 12:03:05 ----A---- C:\WINDOWS\system32\xpsservices.dll
2019-02-09 12:03:05 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2019-02-09 12:03:05 ----A---- C:\WINDOWS\system32\setupapi.dll
2019-02-09 12:03:05 ----A---- C:\WINDOWS\system32\APMon.dll
2019-02-09 12:02:59 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2019-02-09 12:02:59 ----A---- C:\WINDOWS\system32\msxml3.dll
2019-02-09 12:02:59 ----A---- C:\WINDOWS\system32\lpkinstall.exe
2019-02-09 12:02:59 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\user32.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\SensorService.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\hal.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\daxexec.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\bthserv.dll
2019-02-09 12:02:58 ----A---- C:\WINDOWS\system32\BTAGService.dll
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\rmclient.dll
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\psmsrv.dll
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2019-02-09 12:02:57 ----A---- C:\WINDOWS\system32\bisrv.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\wpnsruprov.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2019-02-09 12:02:56 ----A---- C:\WINDOWS\system32\ISM.dll
2019-02-09 12:02:55 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-02-09 12:02:55 ----A---- C:\WINDOWS\system32\drivers\msgpioclx.sys
2019-02-09 12:02:55 ----A---- C:\WINDOWS\system32\coml2.dll
2019-02-09 12:02:54 ----A---- C:\WINDOWS\system32\tquery.dll
2019-02-09 12:02:54 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2019-02-09 12:02:54 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-02-09 12:02:54 ----A---- C:\WINDOWS\system32\mssprxy.dll
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\mssvp.dll
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\mssph.dll
2019-02-09 12:02:53 ----A---- C:\WINDOWS\system32\msscntrs.dll
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\InputService.dll
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2019-02-09 12:02:52 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\FntCache.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\DWrite.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\D3D12.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\appsruprov.dll
2019-02-09 12:02:51 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\cdp.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2019-02-09 12:02:50 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-02-09 12:02:49 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-02-09 12:02:49 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-09 12:02:48 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-09 12:02:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-09 12:02:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-09 12:02:47 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-09 12:02:46 ----A---- C:\WINDOWS\system32\StartTileData.dll
2019-02-09 12:02:42 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-09 12:02:41 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-02-09 12:02:40 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-02-09 12:02:40 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-09 12:02:40 ----A---- C:\WINDOWS\system32\localspl.dll
2019-02-09 12:02:40 ----A---- C:\WINDOWS\explorer.exe
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\wscapi.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\wpx.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\wlansvc.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provtool.exe
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provops.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provhandlers.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provengine.dll
2019-02-09 12:02:39 ----A---- C:\WINDOWS\system32\provdatastore.dll
2019-02-09 12:02:37 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2019-02-09 12:02:37 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-02-09 12:02:37 ----A---- C:\WINDOWS\system32\AudioSes.dll
2019-02-09 12:02:37 ----A---- C:\WINDOWS\system32\AudioEng.dll
2019-02-09 12:02:37 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-09 12:02:36 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2019-02-09 12:02:36 ----A---- C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-09 12:02:36 ----A---- C:\WINDOWS\system32\audiodg.exe
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\umpo-overrides.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\energyprov.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\eeprov.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\drivers\http.sys
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-02-09 12:02:35 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\TransportDSA.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-02-09 12:02:34 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2019-02-09 12:02:33 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2019-02-09 12:02:33 ----A---- C:\WINDOWS\system32\wer.dll
2019-02-09 12:02:33 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-09 12:02:33 ----A---- C:\WINDOWS\system32\dbgeng.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\wuuhext.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\wuaueng.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-02-09 12:02:32 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-09 12:02:31 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2019-02-09 12:02:31 ----A---- C:\WINDOWS\system32\w32time.dll
2019-02-09 12:02:31 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-02-09 12:02:31 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2019-02-09 12:02:31 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-02-09 12:02:31 ----A---- C:\WINDOWS\system32\diagtrack.dll
2019-02-09 12:02:30 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2019-02-09 12:02:30 ----A---- C:\WINDOWS\SYSWOW64\drvstore.dll
2019-02-09 12:02:30 ----A---- C:\WINDOWS\system32\MTF.dll
2019-02-09 12:02:30 ----A---- C:\WINDOWS\system32\mf.dll
2019-02-09 12:02:30 ----A---- C:\WINDOWS\system32\drvstore.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\wkssvc.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\vertdll.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\esent.dll
2019-02-09 12:02:29 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-02-09 12:02:26 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-02-09 12:02:26 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2019-02-09 12:02:25 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\system32\tzres.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\system32\profsvc.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\system32\combase.dll
2019-02-09 12:02:25 ----A---- C:\WINDOWS\system32\ci.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\wc_storage.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\netiohlp.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\mswsock.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\container.dll
2019-02-09 12:02:24 ----A---- C:\WINDOWS\system32\bcdedit.exe
2019-02-09 12:02:23 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-02-09 12:02:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-09 12:02:23 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\SYSWOW64\iscsiwmi.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-09 12:02:22 ----A---- C:\WINDOWS\system32\drivers\mmcss.sys
2019-02-09 12:02:22 ----A---- C:\WINDOWS\system32\drivers\ClipSp.sys
2019-02-09 12:02:22 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-09 12:02:21 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2019-02-09 12:02:21 ----A---- C:\WINDOWS\SYSWOW64\WSManMigrationPlugin.dll
2019-02-09 12:02:21 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2019-02-09 12:02:21 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\WSManHTTPConfig.exe
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2019-02-09 12:02:20 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2019-02-09 12:02:18 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2019-02-09 12:02:16 ----A---- C:\WINDOWS\system32\vid.dll
2019-02-09 12:02:16 ----A---- C:\WINDOWS\system32\icsvcext.dll
2019-02-09 12:02:16 ----A---- C:\WINDOWS\system32\icsvc.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\SYSWOW64\netiohlp.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\computestorage.dll
2019-02-09 12:02:15 ----A---- C:\WINDOWS\system32\computecore.dll
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2019-02-09 12:02:14 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2019-02-09 12:02:13 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2019-02-09 11:55:24 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2019-02-09 11:55:18 ----D---- C:\Program Files\Reference Assemblies
2019-02-09 11:55:18 ----D---- C:\Program Files\MSBuild
2019-02-09 11:55:18 ----D---- C:\Program Files (x86)\Reference Assemblies
2019-02-09 11:55:18 ----D---- C:\Program Files (x86)\MSBuild
2019-02-09 11:54:44 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2019-02-09 11:54:44 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2019-02-09 11:54:43 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-02-09 11:54:43 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-02-09 11:54:42 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-02-09 11:54:41 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2019-02-09 11:53:20 ----A---- C:\WINDOWS\SYSWOW64\XPSSHHDR.dll
2019-02-09 11:53:20 ----A---- C:\WINDOWS\SYSWOW64\XpsFilt.dll
2019-02-09 11:53:20 ----A---- C:\WINDOWS\system32\XPSSHHDR.dll
2019-02-09 11:53:20 ----A---- C:\WINDOWS\system32\XpsFilt.dll
2019-02-09 11:21:07 ----DC---- C:\WINDOWS\Panther
2019-02-08 12:13:54 ----D---- C:\ProgramData\Wargaming.net
2019-02-02 08:37:22 ----D---- C:\ProgramData\Mozilla
2019-01-29 17:53:39 ----D---- C:\ProgramData\Gaijin
2019-01-20 09:47:43 ----D---- C:\Program Files (x86)\Microsoft
2019-01-20 09:43:36 ----D---- C:\Program Files (x86)\Seznam.cz
2019-01-20 09:43:25 ----D---- C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz
2019-01-20 09:43:23 ----D---- C:\Users\Karlíkxy\AppData\Roaming\Skype
2019-01-19 22:53:28 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2019-02-18 00:37:39 ----RD---- C:\Program Files
2019-02-18 00:36:51 ----D---- C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-02-18 00:36:28 ----D---- C:\WINDOWS\Temp
2019-02-18 00:15:09 ----D---- C:\Program Files (x86)\Steam
2019-02-17 23:57:00 ----D---- C:\WINDOWS\system32\sru
2019-02-17 23:56:00 ----D---- C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-02-17 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-02-17 17:36:07 ----D---- C:\WINDOWS\Logs
2019-02-17 17:35:42 ----D---- C:\WINDOWS\system32\config
2019-02-17 17:34:14 ----HD---- C:\Program Files\WindowsApps
2019-02-17 17:34:11 ----D---- C:\WINDOWS\AppReadiness
2019-02-17 15:17:10 ----SHDC---- C:\WINDOWS\Installer
2019-02-17 15:17:10 ----HD---- C:\Config.Msi
2019-02-17 15:17:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-02-17 15:17:03 ----RD---- C:\WINDOWS\Microsoft.NET
2019-02-17 15:15:37 ----D---- C:\Program Files (x86)\Microsoft Office
2019-02-17 14:06:57 ----D---- C:\WINDOWS\System32
2019-02-17 14:06:57 ----D---- C:\WINDOWS\INF
2019-02-16 23:33:03 ----D---- C:\ProgramData\NVIDIA
2019-02-16 21:07:27 ----D---- C:\Windows
2019-02-16 21:06:43 ----D---- C:\WINDOWS\Tasks
2019-02-16 21:04:23 ----A---- C:\WINDOWS\ntbtlog.txt
2019-02-16 20:29:28 ----RD---- C:\Program Files (x86)
2019-02-16 20:29:14 ----HD---- C:\ProgramData
2019-02-16 20:14:49 ----D---- C:\WINDOWS\system32\catroot2
2019-02-16 19:37:50 ----D---- C:\WINDOWS\system32\drivers
2019-02-16 16:54:58 ----D---- C:\WINDOWS\WinSxS
2019-02-16 16:45:06 ----D---- C:\Hry
2019-02-16 16:31:35 ----D---- C:\WINDOWS\CbsTemp
2019-02-16 16:31:31 ----D---- C:\WINDOWS\servicing
2019-02-16 16:26:45 ----RSD---- C:\WINDOWS\assembly
2019-02-16 16:26:23 ----SHD---- C:\System Volume Information
2019-02-16 16:22:42 ----D---- C:\GOG Games
2019-02-16 15:39:01 ----A---- C:\WINDOWS\win.ini
2019-02-16 15:38:48 ----D---- C:\WINDOWS\debug
2019-02-14 20:55:52 ----D---- C:\WINDOWS\system32\DriverStore
2019-02-14 12:10:10 ----D---- C:\WINDOWS\system32\WDI
2019-02-14 12:05:42 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2019-02-14 12:04:17 ----D---- C:\WINDOWS\SysWOW64
2019-02-14 12:04:17 ----D---- C:\WINDOWS\system32\appraiser
2019-02-14 12:04:16 ----D---- C:\WINDOWS\bcastdvr
2019-02-14 12:04:16 ----D---- C:\WINDOWS\apppatch
2019-02-14 10:26:21 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-02-14 10:22:07 ----D---- C:\WINDOWS\system32\MRT
2019-02-14 10:22:01 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-02-11 14:38:47 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-02-10 10:20:42 ----D---- C:\WINDOWS\appcompat
2019-02-09 18:42:32 ----D---- C:\Users\Karlíkxy\AppData\Roaming\Wargaming.net
2019-02-09 18:08:46 ----SD---- C:\ProgramData\Microsoft
2019-02-09 17:48:09 ----D---- C:\Games
2019-02-09 17:40:32 ----D---- C:\WINDOWS\ServiceState
2019-02-09 17:39:43 ----D---- C:\ProgramData\Packages
2019-02-09 17:35:52 ----D---- C:\WINDOWS\system32\restore
2019-02-09 12:53:11 ----D---- C:\WINDOWS\Registration
2019-02-09 12:52:33 ----D---- C:\WINDOWS\SoftwareDistribution
2019-02-09 12:52:25 ----D---- C:\Program Files\windows nt
2019-02-09 12:52:03 ----D---- C:\WINDOWS\system32\Tasks
2019-02-09 12:48:03 ----RD---- C:\WINDOWS\PrintDialog
2019-02-09 12:47:18 ----D---- C:\WINDOWS\system32\wbem
2019-02-09 12:46:57 ----D---- C:\WINDOWS\SYSWOW64\wbem
2019-02-09 12:36:10 ----RD---- C:\Users
2019-02-09 12:33:38 ----D---- C:\ProgramData\NVIDIA Corporation
2019-02-09 12:33:26 ----D---- C:\Program Files\NVIDIA Corporation
2019-02-09 12:31:28 ----D---- C:\WINDOWS\system32\Recovery
2019-02-09 12:29:59 ----RSD---- C:\WINDOWS\Fonts
2019-02-09 12:29:59 ----D---- C:\WINDOWS\system32\WinBioDatabase
2019-02-09 12:29:59 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2019-02-09 12:29:58 ----D---- C:\WINDOWS\twain_32
2019-02-09 12:29:58 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-02-09 12:29:58 ----D---- C:\WINDOWS\system32\drivers\etc
2019-02-09 12:29:57 ----D---- C:\WINDOWS\system32\zh-HK
2019-02-09 12:29:57 ----D---- C:\WINDOWS\system32\spool
2019-02-09 12:29:56 ----D---- C:\WINDOWS\system32\NDF
2019-02-09 12:29:56 ----D---- C:\WINDOWS\system32\Macromed
2019-02-09 12:29:54 ----D---- C:\WINDOWS\system32\appmgmt
2019-02-09 12:29:52 ----D---- C:\WINDOWS\LiveKernelReports
2019-02-09 12:29:51 ----D---- C:\WINDOWS\Help
2019-02-09 12:29:51 ----D---- C:\WINDOWS\cs
2019-02-09 12:29:49 ----D---- C:\Program Files\Common Files\microsoft shared
2019-02-09 12:29:49 ----D---- C:\Program Files (x86)\Windows Media Player
2019-02-09 12:29:49 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-02-09 12:29:49 ----D---- C:\Program Files (x86)\Microsoft.NET
2019-02-09 12:29:49 ----D---- C:\Program Files (x86)\Common Files
2019-02-09 12:29:49 ----AD---- C:\Program Files\UNP
2019-02-09 12:24:46 ----D---- C:\WINDOWS\Setup
2019-02-09 12:14:57 ----D---- C:\WINDOWS\InfusedApps
2019-02-09 12:11:31 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2019-02-09 12:11:28 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2019-02-09 12:11:26 ----D---- C:\WINDOWS\system32\drivers\NVIDIA Corporation
2019-02-09 12:10:07 ----D---- C:\WINDOWS\Resources
2019-02-09 12:09:55 ----D---- C:\Program Files (x86)\Windows Mail
2019-02-09 12:09:54 ----D---- C:\Program Files\Windows Mail
2019-02-09 12:06:58 ----D---- C:\WINDOWS\TextInput
2019-02-09 12:06:58 ----D---- C:\WINDOWS\SYSWOW64\oobe
2019-02-09 12:06:58 ----D---- C:\WINDOWS\SYSWOW64\Dism
2019-02-09 12:06:57 ----SD---- C:\WINDOWS\system32\DiagSvcs
2019-02-09 12:06:57 ----D---- C:\WINDOWS\system32\oobe
2019-02-09 12:06:57 ----D---- C:\WINDOWS\system32\migwiz
2019-02-09 12:06:57 ----D---- C:\WINDOWS\system32\en-US
2019-02-09 12:06:57 ----D---- C:\WINDOWS\system32\Dism
2019-02-09 12:06:57 ----D---- C:\WINDOWS\system32\Boot
2019-02-09 12:06:56 ----D---- C:\WINDOWS\ShellExperiences
2019-02-09 12:06:56 ----D---- C:\WINDOWS\ShellComponents
2019-02-09 12:06:56 ----D---- C:\Program Files\Windows Photo Viewer
2019-02-09 12:06:56 ----D---- C:\Program Files\Windows Media Player
2019-02-09 12:06:56 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2019-02-09 12:06:56 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2019-02-09 11:56:00 ----D---- C:\WINDOWS\system32\drivers\en-US
2019-02-09 11:55:24 ----D---- C:\WINDOWS\SYSWOW64\MUI
2019-02-09 11:55:24 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-02-09 11:55:24 ----D---- C:\WINDOWS\system32\MUI
2019-02-09 11:55:24 ----D---- C:\WINDOWS\system32\cs-CZ
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\zh-TW
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\zh-CN
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\uk-UA
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\tr-TR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\th-TH
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\sv-SE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-RS
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\sl-SI
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\ru-RU
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\ro-RO
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\pt-PT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\pt-BR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\pl-PL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\nb-NO
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\lv-LV
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\lt-LT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\ko-KR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\ja-JP
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\it-IT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\hu-HU
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\hr-HR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\he-IL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\fr-FR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\fr-CA
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\fi-FI
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\et-EE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\es-MX
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\es-ES
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\en-GB
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\el-GR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\de-DE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\da-DK
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\bg-BG
2019-02-09 11:53:26 ----D---- C:\WINDOWS\SYSWOW64\ar-SA
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\zh-TW
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\zh-CN
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\uk-UA
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\tr-TR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\th-TH
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\sv-SE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\sl-SI
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\sk-SK
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\ru-RU
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\ro-RO
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\pt-PT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\pt-BR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\pl-PL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\nl-NL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\nb-NO
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\lv-LV
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\lt-LT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\ko-KR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\ja-jp
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\it-IT
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\hu-HU
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\hr-HR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\he-IL
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\fr-FR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\fr-CA
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\fi-FI
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\et-EE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\es-MX
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\es-ES
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\en-GB
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\el-GR
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\de-DE
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\da-DK
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\bg-BG
2019-02-09 11:53:26 ----D---- C:\WINDOWS\system32\ar-SA
2019-02-04 22:30:07 ----AD---- C:\Program Files (x86)\Winstep
2019-02-03 19:49:14 ----D---- C:\ProgramData\Electronic Arts
2019-02-03 15:16:05 ----D---- C:\ProgramData\Origin
2019-02-02 14:19:18 ----D---- C:\Users\Karlíkxy\AppData\Roaming\dvdcss
2019-01-27 17:12:56 ----D---- C:\Program Files\ESET
2019-01-20 09:47:43 ----D---- C:\ProgramData\Skype
2019-01-20 09:47:42 ----RD---- C:\Program Files (x86)\Skype
2019-01-19 19:48:56 ----D---- C:\Program Files\rempl

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DLMFENC;DLMFENC; C:\WINDOWS\system32\DRIVERS\DLMFENC.sys [2018-02-27 174152]
R0 DLPCRYPT;DLPCRYPT; C:\WINDOWS\system32\DRIVERS\dlpcrypt.sys [2017-11-02 121728]
R0 dlpvdisk;dlpvdisk; C:\WINDOWS\system32\DRIVERS\dlpvdisk.sys [2017-11-02 98296]
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2018-10-26 107896]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-02-09 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2019-02-09 317440]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-09-15 63288]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-10-26 143448]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-10-26 188832]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2018-10-26 82304]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-10-26 109864]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-09-15 452096]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2018-10-26 50144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-02-09 51712]
R3 NVHDA;@oem12.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2018-02-25 226760]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_048172e9d7cc483d\nvlddmkm.sys [2018-02-26 17524720]
R3 rt640x64;@oem17.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2018-10-24 680416]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-02-21 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-09-15 135168]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2018-09-15 219960]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-09-15 172560]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-02-09 102392]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-02-09 111104]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-09-15 90624]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-02-09 1221120]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-09-15 92672]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-09-15 63288]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-09-15 125952]
S3 dot4;@oem10.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem19.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem10.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 ew_usbccgpfilter;@oem26.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-12-12 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-09-15 80184]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-09-15 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-09-15 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2018-09-15 290816]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-09-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-02-14 982032]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-09-15 202240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-09-15 33080]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-12-13 2917864]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-12-13 2709480]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_92aa02;Uživatelská služba platformy připojených zařízení_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-02-07 11013280]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 dlpsrv;DESlock+ Service; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [2017-11-02 542400]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-12-14 2302160]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\syswow64\svchost.exe [2018-09-15 45448]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-12-12 190784]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-02-23 462864]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-10 460872]
R2 OneSyncSvc_92aa02;Hostitel synchronizace_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-09-15 254832]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_92aa02;Uživatelská služba schránky_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\syswow64\svchost.exe [2018-09-15 45448]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-02-09 864056]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_92aa02;Uživatelská služba pro GameDVR a vysílání her_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_92aa02;Služba pro podporu uživatelů Bluetooth_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_92aa02;CaptureService_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_92aa02;ConsentUX_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_92aa02;DevicePicker_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_92aa02;Tok zařízení_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-09-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-02-09 43632]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_92aa02;Služba zasílání zpráv_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-01-24 213096]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_92aa02;Data kontaktů_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_92aa02;PrintWorkflow_92aa02; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-02-09 5381128]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-09-15 51696]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-09-15 831504]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 51696]

-----------------EOF-----------------

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#3 Příspěvek od kodl74 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-15.6 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-18-2019
# Duration: 00:00:05
# OS: Windows 10 Pro
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Karlíkxy\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2339 octets] - [18/02/2019 09:57:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#4 Příspěvek od Diallix »

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#5 Příspěvek od kodl74 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2019
Ran by Karlíkxy (administrator) on VELKEJPC (18-02-2019 13:11:07)
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Platform: Windows 10 Pro Version 1809 17763.316 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(BitTorrent, Inc.) C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2018-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [270336 2013-11-11] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [94152 2018-09-24] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-02-08] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Nexus-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [14688896 2018-06-03] (Winstep Software Technologies)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {ebd91e8b-85fb-11e8-8517-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4144462506-2486898719-981058799-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-02-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kmapm4jw.default
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default [2019-02-18]
FF Homepage: Mozilla\Firefox\Profiles\kmapm4jw.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\kmapm4jw.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: pavel.sherbakov@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: quickdial@matmoul.com
FF NewTabOverride: Mozilla\Firefox\Profiles\kmapm4jw.default -> Disabled: {0a79bc58-665f-4534-a7ea-6d61d68194fb}
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (S3.Translator) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\s3google@translator.xpi [2018-10-09]
FF Extension: (uBlock Origin) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\uBlock0@raymondhill.net.xpi [2019-02-06]
FF Extension: (No Name) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-30] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-30] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin HKU\S-1-5-21-4144462506-2486898719-981058799-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013280 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2017-11-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-02-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775168 2018-01-24] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2018-02-27] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2017-11-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-26] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_048172e9d7cc483d\nvlddmkm.sys [17524720 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [680416 2018-10-24] (Realtek Semiconductor Corp. -> Realtek )
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2017-11-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [155632 2015-08-07] (Gionee Communication Equipment Co.Ltd.Shenzhen -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-05-07] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-18 13:11 - 2019-02-18 13:12 - 000015441 _____ C:\Users\Karlíkxy\Desktop\FRST.txt
2019-02-18 13:10 - 2019-02-18 13:11 - 000000000 ____D C:\FRST
2019-02-18 13:09 - 2019-02-18 13:09 - 002434560 _____ (Farbar) C:\Users\Karlíkxy\Desktop\FRST64.exe
2019-02-18 10:00 - 2019-02-18 10:00 - 000002323 _____ C:\Users\Karlíkxy\Desktop\AdwCleaner[C00].txt
2019-02-18 09:56 - 2019-02-18 09:57 - 000000000 ____D C:\AdwCleaner
2019-02-18 09:55 - 2019-02-18 09:55 - 007316688 _____ (Malwarebytes) C:\Users\Karlíkxy\Desktop\adwcleaner_7.2.7.0.exe
2019-02-18 00:37 - 2019-02-18 00:37 - 000000000 ____D C:\rsit
2019-02-18 00:37 - 2019-02-18 00:37 - 000000000 ____D C:\Program Files\trend micro
2019-02-18 00:36 - 2019-02-18 00:36 - 001222144 _____ C:\Users\Karlíkxy\Desktop\RSITx64.exe
2019-02-17 15:37 - 2019-02-17 15:37 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Adobe
2019-02-17 15:16 - 2019-02-17 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-02-16 16:25 - 2019-02-16 18:00 - 000000000 ____D C:\Users\Karlíkxy\Documents\4A Games
2019-02-16 16:25 - 2019-02-16 16:40 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\4A Games
2019-02-16 16:25 - 2019-02-16 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metro 2033 Redux [GOG.com]
2019-02-16 15:38 - 2019-02-16 15:38 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-02-16 15:12 - 2019-02-16 15:12 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Comms
2019-02-16 14:51 - 2019-02-16 14:51 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CEF
2019-02-14 20:56 - 2019-02-14 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-02-14 20:55 - 2019-02-14 20:56 - 000000000 ____D C:\Program Files (x86)\HiSuite
2019-02-14 10:31 - 2019-02-14 10:31 - 020812288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 006070272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 004688896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 003922944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 000421904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-02-14 10:31 - 2019-02-14 10:31 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-02-14 10:31 - 2019-02-14 10:31 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-02-14 10:30 - 2019-02-14 10:31 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 009683984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-14 10:30 - 2019-02-14 10:30 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 006540424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 004885504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 002927120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 002626592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001969680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 001700864 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001671864 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001467560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-14 10:30 - 2019-02-14 10:30 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-14 10:30 - 2019-02-14 10:30 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000982576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000982032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000765960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000475152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-14 10:30 - 2019-02-14 10:30 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-02-14 10:30 - 2019-02-14 10:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-02-14 10:30 - 2019-02-14 10:30 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-02-09 12:52 - 2019-02-18 09:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-09 12:52 - 2019-02-09 12:52 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-09 12:52 - 2019-02-09 12:52 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-09 12:52 - 2019-02-09 12:52 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-09 12:52 - 2019-02-09 12:52 - 000002810 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-VELKEJPC-Karlíkxy
2019-02-09 12:52 - 2019-02-09 12:52 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-09 12:52 - 2019-02-09 12:52 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-02-09 12:52 - 2019-02-09 12:52 - 000000020 ___SH C:\Users\Karlíkxy\ntuser.ini
2019-02-09 12:52 - 2019-02-09 12:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-4144462506-2486898719-981058799-1001
2019-02-09 12:51 - 2019-02-09 12:52 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-02-09 12:51 - 2019-02-09 12:52 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-02-09 12:48 - 2019-02-18 10:03 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-09 12:38 - 2019-02-09 12:38 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-02-09 12:36 - 2019-02-09 12:52 - 000000000 ____D C:\Users\Karlíkxy
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Šablony
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Soubory cookie
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Poslední
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Okolní tiskárny
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Okolní síť
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Nabídka Start
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Dokumenty
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Documents\Obrázky
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Documents\Hudba
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Documents\Filmy
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\Data aplikací
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-02-09 12:36 - 2019-02-09 12:36 - 000000000 _SHDL C:\Users\Karlíkxy\AppData\Local\Data aplikací
2019-02-09 12:36 - 2018-09-15 08:29 - 000001105 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-02-09 12:35 - 2019-02-09 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-02-09 12:35 - 2019-02-09 12:35 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-02-09 12:35 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2019-02-09 12:35 - 2017-12-08 23:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-02-09 12:35 - 2017-12-08 23:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-02-09 12:35 - 2017-12-08 23:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-02-09 12:35 - 2017-12-08 23:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-02-09 12:34 - 2019-02-09 12:34 - 000000000 ____D C:\ProgramData\USOShared
2019-02-09 12:34 - 2018-09-15 08:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-02-09 12:34 - 2018-02-26 04:50 - 000540472 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-02-09 12:30 - 2019-02-18 12:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-09 12:30 - 2019-02-14 12:05 - 000564656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-02-09 12:29 - 2019-02-09 12:52 - 000000000 ____D C:\Windows.old
2019-02-09 12:09 - 2019-02-09 12:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-02-09 12:08 - 2019-02-09 12:09 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-02-09 12:05 - 2019-02-09 12:05 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 005440008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-02-09 12:05 - 2019-02-09 12:05 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-02-09 12:05 - 2019-02-09 12:05 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-02-09 12:05 - 2019-02-09 12:05 - 002278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-02-09 12:05 - 2019-02-09 12:05 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001259024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-09 12:05 - 2019-02-09 12:05 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-02-09 12:05 - 2019-02-09 12:05 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-02-09 12:05 - 2019-02-09 12:05 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-02-09 12:05 - 2019-02-09 12:05 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-02-09 12:05 - 2019-02-09 12:05 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 008875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 005584864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 004526080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001309184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-02-09 12:04 - 2019-02-09 12:04 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-02-09 12:04 - 2019-02-09 12:04 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-09 12:04 - 2019-02-09 12:04 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-02-09 12:04 - 2019-02-09 12:04 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 022111856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 005565952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 005205464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 004702704 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 004298752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002776920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002702528 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002072728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001696936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-09 12:03 - 2019-02-09 12:03 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001467384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 001341584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-09 12:03 - 2019-02-09 12:03 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001178344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000726208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000652320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000277536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000262672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-02-09 12:03 - 2019-02-09 12:03 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-09 12:03 - 2019-02-09 12:03 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 004991096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002992640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002187264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001331744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001209360 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000970256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000850968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000822448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000806560 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-02-09 12:02 - 2019-02-09 12:02 - 000806560 _____ C:\WINDOWS\system32\locale.nls
2019-02-09 12:02 - 2019-02-09 12:02 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000651304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000629576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000604552 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000353488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000203280 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000132104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-02-09 12:02 - 2019-02-09 12:02 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-02-09 12:02 - 2019-02-09 12:02 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-02-09 12:02 - 2019-02-09 12:02 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-02-09 11:55 - 2019-02-09 11:55 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-02-09 11:55 - 2019-02-09 11:55 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-02-09 11:55 - 2019-02-09 11:55 - 000000000 ____D C:\Program Files\MSBuild
2019-02-09 11:55 - 2019-02-09 11:55 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-02-09 11:55 - 2019-02-09 11:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-02-09 11:54 - 2019-02-09 11:54 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-02-09 11:54 - 2019-02-09 11:54 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-02-09 11:54 - 2019-02-09 11:54 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-02-09 11:54 - 2019-02-09 11:54 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-02-09 11:54 - 2019-02-09 11:54 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-02-09 11:54 - 2019-02-09 11:54 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-02-09 11:53 - 2019-02-09 11:53 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-02-09 11:53 - 2019-02-09 11:53 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-02-09 11:53 - 2019-02-09 11:53 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-02-09 11:53 - 2019-02-09 11:53 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-02-09 11:53 - 2019-02-09 11:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-02-09 11:53 - 2019-02-09 11:53 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-02-09 11:45 - 2019-02-09 11:45 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-02-09 11:21 - 2019-02-09 12:53 - 000000000 ___DC C:\WINDOWS\Panther
2019-02-08 12:13 - 2019-02-08 12:13 - 000000000 ____D C:\ProgramData\Wargaming.net
2019-02-04 22:29 - 2019-02-04 22:29 - 000001131 _____ C:\Users\Karlíkxy\Documents\Winstep.lnk
2019-02-04 19:41 - 2019-02-04 19:41 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Folderico
2019-02-04 19:16 - 2019-02-17 15:16 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-04 19:16 - 2019-02-17 15:16 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-03 15:13 - 2019-02-03 15:13 - 000000000 ____D C:\Users\Karlíkxy\.QtWebEngineProcess
2019-02-03 15:13 - 2019-02-03 15:13 - 000000000 ____D C:\Users\Karlíkxy\.Origin
2019-02-02 11:20 - 2019-02-17 18:51 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Mistři zastavarny XVIII
2019-02-02 08:37 - 2019-02-02 08:37 - 000000000 ____D C:\ProgramData\Mozilla
2019-01-29 17:53 - 2019-01-29 17:53 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Gaijin
2019-01-29 17:53 - 2019-01-29 17:53 - 000000000 ____D C:\ProgramData\Gaijin
2019-01-29 15:06 - 2019-02-09 12:40 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2019-01-27 17:13 - 2019-01-27 17:13 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\DESlock+
2019-01-20 09:47 - 2019-02-14 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-20 09:43 - 2019-01-20 09:46 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Skype
2019-01-19 22:55 - 2019-02-09 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-01-19 22:55 - 2019-01-19 22:55 - 000000000 ____D C:\Users\Karlíkxy\ansel
2019-01-19 22:53 - 2019-01-19 22:54 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-19 20:57 - 2019-01-19 20:57 - 000000000 ____D C:\Users\Karlíkxy\skype-export

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-18 13:12 - 2018-10-13 19:01 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-02-18 13:11 - 2018-05-07 11:29 - 000036614 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-02-18 13:10 - 2017-03-17 11:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\LocalLow\Mozilla
2019-02-18 10:03 - 2018-09-15 18:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-02-18 10:03 - 2018-09-15 18:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-02-18 10:03 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-18 10:00 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-18 09:58 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-18 09:57 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-02-18 00:37 - 2018-03-09 23:48 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-02-18 00:15 - 2017-03-17 12:38 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Ubisoft Game Launcher
2019-02-18 00:15 - 2017-03-17 12:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-17 22:27 - 2018-07-04 11:06 - 000000000 ____D C:\Users\Karlíkxy\Documents\American Truck Simulator
2019-02-17 18:51 - 2018-02-02 20:52 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Bordel z plochy
2019-02-17 17:34 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-17 17:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-17 15:15 - 2018-07-13 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-17 14:57 - 2017-03-17 11:57 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-02-16 21:06 - 2017-03-20 20:57 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-02-16 21:04 - 2017-11-28 21:28 - 000523124 _____ C:\WINDOWS\ntbtlog.txt
2019-02-16 16:45 - 2017-03-17 14:51 - 000000000 ____D C:\Hry
2019-02-16 16:31 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-16 16:31 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-02-16 16:22 - 2018-04-04 16:58 - 000000000 ____D C:\GOG Games
2019-02-16 15:39 - 2016-07-16 12:47 - 000000127 _____ C:\WINDOWS\win.ini
2019-02-16 14:30 - 2017-04-21 16:58 - 000000000 ____D C:\Users\Karlíkxy\Documents\My Games
2019-02-16 14:26 - 2018-05-07 11:05 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\ConnectedDevicesPlatform
2019-02-14 20:55 - 2018-07-12 20:20 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Hisuite
2019-02-14 12:05 - 2017-03-17 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-02-14 12:04 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-14 12:04 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-14 11:24 - 2017-03-20 20:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-14 10:26 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-02-14 10:26 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-14 10:25 - 2017-03-17 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-02-14 10:22 - 2017-03-17 13:26 - 129330784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-02-11 15:52 - 2018-08-07 14:16 - 000000000 ____D C:\Users\Karlíkxy\Documents\Euro Truck Simulator 2
2019-02-11 15:31 - 2017-10-18 17:37 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Packages
2019-02-10 10:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-02-09 18:42 - 2018-03-27 16:15 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Wargaming.net
2019-02-09 17:48 - 2017-03-17 14:10 - 000000000 ____D C:\Games
2019-02-09 17:40 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-02-09 17:39 - 2018-07-10 17:57 - 000000000 ____D C:\ProgramData\Packages
2019-02-09 12:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2019-02-09 12:53 - 2017-10-18 17:53 - 000000000 ___RD C:\Users\Karlíkxy\3D Objects
2019-02-09 12:53 - 2016-11-21 05:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-09 12:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\windows nt
2019-02-09 12:48 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-02-09 12:47 - 2017-04-16 16:36 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-02-09 12:40 - 2019-01-05 18:51 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macgo Windows Blu-ray Player
2019-02-09 12:40 - 2018-12-15 20:23 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2019-02-09 12:40 - 2018-11-11 12:07 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prime95
2019-02-09 12:40 - 2018-11-02 18:15 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-02-09 12:40 - 2018-02-22 20:31 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DjVuLibre
2019-02-09 12:40 - 2017-03-17 11:54 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-09 12:37 - 2017-03-17 12:38 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-02-09 12:34 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-02-09 12:33 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-02-09 12:33 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-02-09 12:30 - 2018-09-15 08:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-02-09 12:29 - 2018-11-04 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-02-09 12:29 - 2018-09-21 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange 4 Pro
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Help
2019-02-09 12:29 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-02-09 12:29 - 2018-09-13 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-09 12:29 - 2018-05-04 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moorfrosch XXL
2019-02-09 12:29 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-02-09 12:29 - 2018-04-04 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia II [GOG.com]
2019-02-09 12:29 - 2018-03-07 17:25 - 000000000 ____D C:\WINDOWS\cs
2019-02-09 12:29 - 2017-11-19 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018
2019-02-09 12:29 - 2017-09-06 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Print Passport Photo
2019-02-09 12:29 - 2017-05-20 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Reaper nxt
2019-02-09 12:29 - 2017-05-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-02-09 12:29 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-02-09 12:29 - 2017-04-14 13:19 - 000000000 ____D C:\Program Files\UNP
2019-02-09 12:29 - 2017-03-25 12:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Keyboard
2019-02-09 12:29 - 2017-03-20 14:13 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-02-09 12:29 - 2017-03-19 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
2019-02-09 12:29 - 2017-03-17 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-02-09 12:29 - 2017-03-17 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep
2019-02-09 12:29 - 2017-03-17 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-02-09 12:29 - 2017-03-17 11:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2019-02-09 12:24 - 2018-09-15 08:36 - 000000000 ____D C:\WINDOWS\Setup
2019-02-09 12:14 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-02-09 12:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-02-09 12:11 - 2018-12-19 17:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-02-09 12:11 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-02-09 12:10 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Resources
2019-02-09 12:10 - 2018-02-10 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2019-02-09 12:09 - 2018-11-08 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-02-09 12:09 - 2018-01-07 09:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2019-02-09 12:09 - 2017-10-18 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-02-09 12:06 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-02-09 12:06 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-02-09 12:06 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-09 12:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-09 12:06 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-09 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-02-09 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-02-09 11:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-02-08 17:16 - 2018-02-10 21:18 - 000000000 ____D C:\Users\Karlíkxy\Documents\ConvertXToDVD
2019-02-08 12:45 - 2017-12-10 10:59 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CrashDumps
2019-02-06 18:54 - 2018-05-19 20:17 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\D3DSCache
2019-02-04 22:30 - 2017-03-17 11:57 - 000000000 ____D C:\Program Files (x86)\Winstep
2019-02-04 19:46 - 2018-01-21 16:53 - 000000000 ___RD C:\Users\Karlíkxy\Documents\Ashampoo Burning Studio 19
2019-02-04 19:44 - 2017-03-18 22:10 - 000000000 ___RD C:\Users\Karlíkxy\Documents\Adobe
2019-02-03 19:49 - 2017-03-17 21:18 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-02-03 16:39 - 2018-04-24 13:03 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\ElevatedDiagnostics
2019-02-03 15:16 - 2017-03-17 12:47 - 000000000 ____D C:\ProgramData\Origin
2019-02-02 14:19 - 2017-03-21 11:04 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\dvdcss
2019-01-27 17:12 - 2017-10-18 21:01 - 000000000 ____D C:\Program Files\ESET
2019-01-20 09:47 - 2018-08-20 11:00 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-01-20 09:47 - 2018-07-29 17:19 - 000000000 ____D C:\ProgramData\Skype
2019-01-19 19:48 - 2018-11-16 19:50 - 000000000 ____D C:\Program Files\rempl

==================== Files in the root of some directories =======

2018-02-10 21:18 - 2018-02-10 21:18 - 000099384 _____ () C:\Users\Karlíkxy\AppData\Roaming\inst.exe
2018-02-10 21:18 - 2018-02-10 21:18 - 000007859 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.cat
2018-02-10 21:18 - 2018-02-10 21:18 - 000001167 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.inf
2018-02-10 21:18 - 2018-02-10 21:18 - 000000055 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.log
2018-02-10 21:18 - 2018-02-10 21:18 - 000082816 _____ (VSO Software) C:\Users\Karlíkxy\AppData\Roaming\pcouffin.sys
2017-07-26 14:40 - 2017-07-26 14:40 - 000000017 _____ () C:\Users\Karlíkxy\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
2019-02-16 14:32 - 2019-02-03 11:34 - 000515420 _____ () C:\Users\Karlíkxy\AppData\Local\Temp\Uninstall.exe
2019-02-14 12:28 - 2017-03-25 12:21 - 000455600 _____ (Macrovision Corporation) C:\Users\Karlíkxy\AppData\Local\Temp\_is20EF.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#6 Příspěvek od kodl74 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by Karlíkxy (18-02-2019 13:12:46)
Running from C:\Users\Karlíkxy\Desktop
Windows 10 Pro Version 1809 17763.316 (X64) (2019-02-09 11:52:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4144462506-2486898719-981058799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4144462506-2486898719-981058799-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4144462506-2486898719-981058799-1000 - Limited - Disabled)
Guest (S-1-5-21-4144462506-2486898719-981058799-501 - Limited - Disabled)
Karlíkxy (S-1-5-21-4144462506-2486898719-981058799-1001 - Administrator - Enabled) => C:\Users\Karlíkxy
WDAGUtilityAccount (S-1-5-21-4144462506-2486898719-981058799-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 verze 19.0.0.24821 (HKLM-x32\...\{80676034-CAC5-4484-9601-6198241272AC}_is1) (Version: 19.0.0.24821 - Adobe Systems Inc.)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
C5300 (HKLM-x32\...\{095FC6D2-DF7E-40C1-B4AF-FFB3EC472BEB}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
ESET Premium Line Encryption (HKLM\...\{2B31C297-1E0A-4082-B95B-E41B8822FF3D}) (Version: 1.0.14 - ESET) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 11.0.131.0 - ESET, spol. s r.o.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.3.2.41788.44251 - GOG.com)
Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C5300 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{12440487-BEA5-48CF-A36C-C86F5D350999}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.4.3289 - Macgo Inc.)
Mafia II (HKLM-x32\...\1816059595_is1) (Version: update5 - GOG.com)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.11231.20174 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24728 (HKLM-x32\...\{197f8e1a-7e93-4cb4-a4f9-19dc2c2c4ee2}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Moorfrosch XXL (HKLM-x32\...\{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 65.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 65.0.1 (x64 cs)) (Version: 65.0.1 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus Ultimate 18.5 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Ovladač 3D Vision 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OCCT 4.5.1 (HKLM-x32\...\OCCT) (Version: 4.5.1 - Ocbase.com)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.01 - NVIDIA Corporation) Hidden
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.200.200.0 - Tracker Software Products Ltd)
Prime95 (HKLM-x32\...\{5DE1B7CF-7429-40CA-987F-6BEE09B63787}) (Version: - )
Print Passport Photo 1.2.0 (HKLM-x32\...\Print Passport Photo_is1) (Version: 1.2.0 - Marcello Pietrelli & Gianni Baini)
PS_AIO_04_C5300_Software_Min (HKLM-x32\...\{E10008DF-A422-43F1-A2F5-E3B8F5B0139D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Revo Uninstaller Pro 4.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.1 - VS Revo Group, Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.39 (HKLM-x32\...\Skype_is1) (Version: 8.39 - Skype Technologies S.A.)
SolSuite 2011 v11.1 (HKLM-x32\...\SolSuite_is1) (Version: - TreeCardGames)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spintires MudRunner CZ Codex v.2018.05.21 (HKLM-x32\...\Spintires MudRunner CZ Codex v.2018.05.21) (Version: Codex v.2018.05.21 - Libbi)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 29.1 - Ubisoft)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.52 - VSO Software)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Wargaming.net Game Center) (Version: 18.9.1.3085 - Wargaming.net)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Winstep Nexus Ultimate 18.5.0.1107 Activation verze 18.5.0.1107 (HKLM-x32\...\{77C662DA-967F-45A4-BFB7-759DE8D5BD8E}_is1) (Version: 18.5.0.1107 - Winstep)
World of Tanks EU (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warplanes (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\WOWP.WW.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2017-11-02] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14CFDAF3-5352-4298-B1B2-8E340B6736C8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {160053C4-E90E-45A5-BD9B-B57F2DF566E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1B4B14F6-0646-4409-A65F-239C12FAA5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35C8275F-F6AB-4584-AA0A-FFFB9D6E9AFD} - System32\Tasks\S-1-5-21-4144462506-2486898719-981058799-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {3C319F92-DC61-4170-B681-257C5701168D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5906DD94-AC24-4EDF-A907-A70E82417D89} - System32\Tasks\AdobeGCInvoker-1.0-VELKEJPC-Karlíkxy => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {61D810D5-550E-4C24-BC93-0C0316A152B3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {64183814-E2EF-41F9-BB4A-94E6912C34B0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8FE83EC4-F178-4411-91DA-15AEFCDDF2B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A110620B-FDDB-455B-B1E0-CC7047CFA86E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CA4BBF4E-79AF-42CC-BF56-3AC51F1ADEE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CEB29528-AB0C-4F3F-A41D-2A2CC82A671F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {D964909D-4397-41D3-AE72-541E19CBCB50} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E7E0A54E-FEAD-4B2E-9848-FD58754EDBE4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F0FE289A-9FD9-4D0B-ADEE-6D92C3908F8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F137B41A-5197-4D6F-8DF7-660C44C044E5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-12-19 17:40 - 2018-02-24 05:36 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2018-12-12 11:32 - 2018-12-12 11:32 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-23 01:14 - 2018-07-23 01:14 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2019-02-09 12:03 - 2019-02-09 12:03 - 001740800 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-20 09:47 - 2019-02-08 19:51 - 001837672 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-02-14 10:18 - 2019-02-08 19:51 - 002400096 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2019-02-14 10:18 - 2019-02-08 19:51 - 000097840 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2019-02-14 10:18 - 2019-02-08 19:51 - 000219696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2019-02-14 10:18 - 2019-02-08 19:51 - 000081768 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2019-01-20 09:47 - 2019-02-08 19:51 - 002901504 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-01-20 09:47 - 2019-02-08 19:51 - 000015360 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-02-14 10:18 - 2019-02-08 19:51 - 000405056 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2019-02-14 10:18 - 2019-02-08 19:51 - 000138816 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2018-10-09 16:09 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AE849AFE-84FD-4467-B29B-4FBFAFC1DB44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe ()
FirewallRules: [{6CBCED1B-14F2-460D-A626-F14C319EDECA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 2\trine2_launcher.exe ()
FirewallRules: [{F3E0FD5C-F69D-4AC4-8B31-1AE41E3711A3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{32E8A149-B406-45E3-958E-A03E8BE7D6A3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{CBF859F9-F5F1-4DF0-8132-2B07879C54F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEE01CD9-BE20-4CF7-804A-A5AF0153631A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C63AE60-F597-48F0-9B97-BFB2696A366F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72F6EFCC-54A5-4238-871C-FD5D8FA79F89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D1C6C491-7B26-41E8-B550-5EAD7545F94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B3454FB4-897C-42FF-B142-B36B4D2CA928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C0086D52-E371-4920-9D73-EFCA8B7F4506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5252A0B7-1570-4860-905C-669A8EB2CB26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DCD5B8E0-B4BA-417B-8918-2C8A9D6ECD33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{20E3B75F-ACBD-41F6-B4FB-82B386993852}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5106BD06-321A-49FC-9329-83A2C7972AA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E88A57CE-41C7-4F23-8812-AD227644DA9B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{6FB32F5F-B2BE-4689-A1B8-D1B275064CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{B060137E-6733-479F-8504-321B8AD3D833}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B7F8B695-221D-4381-8D74-66B071639127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CE5B9646-F00F-45D8-9963-DBC6929EE062}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B477C140-B135-4E27-AFFC-F4323A6093A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8B292744-2DAD-4661-92F2-09066939A79B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E5B277B2-0316-489D-9CCA-3D9B9876674E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4811A3ED-2B2D-45A1-B9BB-6E559B80D33F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{55956298-0CC4-42F9-A381-3A363AD7B3AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F4D0B95-289E-4C7A-A59C-1D739F690F9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{24F51C10-AA83-4F70-A059-063830C359C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6FF1C4D7-3E08-4198-883D-A8A9C71E0D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DA7D7FF3-AA76-4960-BC50-A0F31EC0E45B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F9535EB-FC64-4983-AD5F-DBFF98B1DA6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{83645A7A-432E-433B-AD8C-280F6DDC22B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDE30928-5C09-48CF-88D9-47E0F7C3BCF9}] => (Allow) LPort=2869
FirewallRules: [{0F1A8D5D-FE51-4E92-ABBC-EF7544B74EC8}] => (Allow) LPort=1900
FirewallRules: [{98F31C6E-1DF3-4CB6-A489-2FC269F011EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{7B4CAD1C-19B2-4142-A311-01552FB0F6B7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{60A9EC4B-304B-40DE-B906-94D2B3DA2C07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F1FFE5FB-F7C5-4662-83F6-DD8A1FFCA21F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9D8DDC3D-6F1F-4D86-9C3E-45C5226E48AE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02BA1483-922B-42CB-B3B6-15C7A87572CD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79C29AFA-3284-40CD-89A5-A31B3CE76007}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B50DC172-5662-4924-89B3-1948E84F1E39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BBB6EDBC-1113-4A14-BEF3-EEDF21E5AC67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BF706B9C-A28D-4F64-ADC7-F80C70740F42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{67EBEEC6-3C30-47B3-9BAD-462A9C909840}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{23BB0216-93B6-45A8-BFB0-5B9473AFA268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2019 01:12:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x1b64
Čas spuštění chybující aplikace: 0x01d4c76a1c590574
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 0c577bf3-799c-4513-80a6-5bdde4c3789d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/16/2019 09:01:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.107 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 18a8

Čas spuštění: 01d4c62e713b483c

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 41c57434-a2ca-4c4a-9a80-b664db7f2b85

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/16/2019 06:32:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x16bc
Čas spuštění chybující aplikace: 0x01d4c60a2770e048
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b36f0f62-80ce-4364-b695-2b2e8313dbd9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/16/2019 04:26:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (02/14/2019 03:34:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x21e0
Čas spuštění chybující aplikace: 0x01d4c4684dfac8a4
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: b029c03a-6ceb-4b0b-8863-4128298e8f7e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2019 02:11:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x1d78
Čas spuštění chybující aplikace: 0x01d4c460c325cb6b
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 0599e2d6-8c24-47d5-8330-f3308c2cf1b8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2019 10:21:32 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/12/2019 07:44:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.1, časové razítko: 0x1c1f7575
Kód výjimky: 0xc000041d
Posun chyby: 0x000060d7
ID chybujícího procesu: 0x100
Čas spuštění chybující aplikace: 0x01d4c2f4ae2429f0
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: c3981f88-a36c-42ea-94c2-b5b29a9d1bea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/18/2019 12:39:21 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 12:39:21 PM) (Source: DCOM) (EventID: 10016) (User: VELKEJPC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli VELKEJPC\Karlíkxy (SID: S-1-5-21-4144462506-2486898719-981058799-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Winstep Xtreme Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/18/2019 09:57:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-02-09 12:53:06.886
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze podpisu: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===================================

Date: 2019-02-09 12:53:53.914
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.909
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.899
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.882
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.838
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.707
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-09 12:53:53.692
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 15%
Total physical RAM: 16381.55 MB
Available physical RAM: 13903.24 MB
Total Virtual: 17405.55 MB
Available Virtual: 13842.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:571.7 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:681.39 GB) NTFS

\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#7 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše


C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {ebd91e8b-85fb-11e8-8517-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-16 14:32 - 2019-02-03 11:34 - 000515420 _____ () C:\Users\Karlíkxy\AppData\Local\Temp\Uninstall.exe
2019-02-14 12:28 - 2017-03-25 12:21 - 000455600 _____ (Macrovision Corporation) C:\Users\Karlíkxy\AppData\Local\Temp\_is20EF.exe
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Karlíkxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
FirewallRules: [{DA7D7FF3-AA76-4960-BC50-A0F31EC0E45B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F9535EB-FC64-4983-AD5F-DBFF98B1DA6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#8 Příspěvek od kodl74 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2019
Ran by Karlíkxy (18-02-2019 16:09:43) Run:1
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {ebd91e8b-85fb-11e8-8517-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-14 10:30 - 2019-02-14 10:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-16 14:32 - 2019-02-03 11:34 - 000515420 _____ () C:\Users\Karl�kxy\AppData\Local\Temp\Uninstall.exe
2019-02-14 12:28 - 2017-03-25 12:21 - 000455600 _____ (Macrovision Corporation) C:\Users\Karl�kxy\AppData\Local\Temp\_is20EF.exe
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Karl�kxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Karl�kxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Karl�kxy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
FirewallRules: [{DA7D7FF3-AA76-4960-BC50-A0F31EC0E45B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F9535EB-FC64-4983-AD5F-DBFF98B1DA6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:
*****************

C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bc1cec3-3048-11e9-8543-1c6f658aab67} => removed successfully
HKLM\Software\Classes\CLSID\{6bc1cec3-3048-11e9-8543-1c6f658aab67} => not found
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ebd91e8b-85fb-11e8-8517-1c6f658aab67} => removed successfully
HKLM\Software\Classes\CLSID\{ebd91e8b-85fb-11e8-8517-1c6f658aab67} => not found
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
"C:\Users\Karl�kxy\AppData\Local\Temp\Uninstall.exe" => not found
"C:\Users\Karl�kxy\AppData\Local\Temp\_is20EF.exe" => not found
HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-4144462506-2486898719-981058799-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA7D7FF3-AA76-4960-BC50-A0F31EC0E45B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F9535EB-FC64-4983-AD5F-DBFF98B1DA6E}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 149920832 B
Java, Flash, Steam htmlcache => 414366217 B
Windows/system/drivers => 1448390 B
Edge => 1145507 B
Chrome => 0 B
Firefox => 1098447293 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7244 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Karlíkxy => 70546738 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:11:51 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#9 Příspěvek od Diallix »

Ako je na tom pc ?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#10 Příspěvek od kodl74 »

PC šlape bez problému, jen ta preventivka.

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#11 Příspěvek od Diallix »

Dost veci sme zmazali, takze by to mohlo byt ok
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
kodl74
Návštěvník
Návštěvník
Příspěvky: 178
Registrován: 10 kvě 2007 17:14

Re: Prosím o preventivku

#12 Příspěvek od kodl74 »

Děkuji moc.

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#13 Příspěvek od Diallix »

za malicko :)
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Odpovědět