Vytížený disk- svchost.exe, zpomalený net

Zpráva

marecek91 · #1 Příspěvek od **marecek91** » 01 říj 2016 10:27

Hi guys,
budu moc vděčný, když se mrknete na tento log, na PC je velmi časté vytížení disku 100% - svchost.exe, net se seká, naskakujou spouštěcí okna a reklamy... budou pravděpodobně malwary.
Díky moc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2016
Ran by TomĂˇĹˇ (administrator) on GORO (01-10-2016 09:53:55)
Running from C:\Users\TomĂˇĹˇ\Desktop
Loaded Profiles: TomĂˇĹˇ (Available Profiles: TomĂˇĹˇ)
Platform: Windows 10 Home Version 1607 (X64) Language: ÄŚeĹˇtina (ÄŚeskĂˇ republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}\46B5891B-F11E-3EB0-AD45-9E733C900421.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\syswow64\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.229.607.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\TomĂˇĹˇ\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [uTorrent] => C:\Users\TomĂˇĹˇ\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2016-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\TomĂˇĹˇ\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\TomĂˇĹˇ\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKLM\...\Providers\4hz2hmnn: C:\Program Files (x86)\\local64spl.dll [142336 2016-08-31] ()
HKLM\...\Providers\cemrsbcc: C:\Program Files (x86)_\local64spl.dll [142336 2016-08-31] ()
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{2cc58bc7-deaa-489a-af6d-a9c13a902f30}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{2cc58bc7-deaa-489a-af6d-a9c13a902f30}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{923e35e7-4354-42fb-8421-4538b5de6ced}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{b37d25c1-3e70-4a82-9e2c-4b8cb8cd0bbf}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{b37d25c1-3e70-4a82-9e2c-4b8cb8cd0bbf}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{db896915-99ea-4978-b31e-c646860bd52f}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{db896915-99ea-4978-b31e-c646860bd52f}: [DhcpNameServer] 82.163.143.157

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434112809&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434148714&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=147324253 ... WRP2XYWRPX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=147324253 ... WRP2XYWRPX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434202568&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=147324253 ... WRP2XYWRPX
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001 -> {40A21A0B-01F4-4622-BAB6-BE77126F8520} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G8Pzamobl2140BU,67af2033-9a95-448b-ad06-914f465789fd,
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324253 ... WRP2XYWRPX

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR HomePage: tunseplikuphgeqerent -> hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp
CHR StartupUrls: tunseplikuphgeqerent -> "hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp"
CHR DefaultSearchURL: tunseplikuphgeqerent -> hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
CHR DefaultSearchKeyword: tunseplikuphgeqerent -> nuesearch
CHR Profile: C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent [2016-10-01] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-17]
CHR Extension: (Disk Google) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-17]
CHR Extension: (Seznam LiĹˇtiÄŤka - Email) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-25]
CHR Extension: (Seznam LiĹˇtiÄŤka - SlovnĂk) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-08-25]
CHR Extension: (YouTube) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-17]
CHR Extension: (Adblock na Youtubeâ„˘) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-09-07]
CHR Extension: (VyhledĂˇvĂˇnĂ Google) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-17]
CHR Extension: (Tabulky Google) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-17]
CHR Extension: (Floating for YouTubeâ„˘) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-09-06]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Gmail) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-17]
CHR Extension: (Chrome Media Router) - C:\Users\TomĂˇĹˇ\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-29]
CHR HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2621448 2016-09-13] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3109888 2016-08-25] (Search Module Ltd.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-01] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-08-31] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_dac0245a363caab4\nvlddmkm.sys [14199360 2016-08-13] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [28344 2016-05-12] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-08-25] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-01 09:53 - 2016-10-01 09:56 - 00019033 _____ C:\Users\TomĂˇĹˇ\Desktop\FRST.txt
2016-10-01 09:53 - 2016-10-01 09:53 - 00000000 ____D C:\FRST
2016-10-01 09:51 - 2016-10-01 09:53 - 00112640 _____ (forum.viry.cz) C:\Users\TomĂˇĹˇ\Desktop\FRSTLauncher.exe
2016-10-01 09:46 - 2016-10-01 09:46 - 02404352 _____ (Farbar) C:\Users\TomĂˇĹˇ\Desktop\FRST64.exe
2016-10-01 09:40 - 2016-10-01 09:40 - 00000000 ____D C:\ProgramData\a26ae68f-6865-0
2016-10-01 09:35 - 2016-10-01 09:35 - 00003882 _____ C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638}
2016-10-01 09:35 - 2016-10-01 09:35 - 00000000 ____D C:\ProgramData\a26ae68f-0247-0
2016-10-01 09:34 - 2016-10-01 09:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E}
2016-10-01 09:34 - 2016-10-01 09:34 - 00000000 ____D C:\ProgramData\f11de6e2
2016-10-01 09:34 - 2016-10-01 09:34 - 00000000 ____D C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}
2016-10-01 09:34 - 2016-10-01 09:34 - 00000000 ____D C:\ProgramData\{4a02332c-612c-0}
2016-10-01 09:34 - 2016-10-01 09:34 - 00000000 ____D C:\ProgramData\{286900f3-012c-1}
2016-09-30 21:24 - 2016-09-30 21:25 - 00131722 _____ C:\Users\TomĂˇĹˇ\Desktop\cc_20160930_212449.reg
2016-09-30 20:47 - 2016-09-30 20:47 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-30 20:47 - 2016-09-30 20:47 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-30 20:47 - 2016-09-30 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-30 20:47 - 2016-09-30 20:47 - 00000000 ____D C:\Program Files\CCleaner
2016-09-30 20:46 - 2016-09-30 20:47 - 08244656 _____ (Piriform Ltd) C:\Users\TomĂˇĹˇ\Downloads\ccsetup522.exe
2016-09-30 18:38 - 2016-09-30 19:28 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-09-30 18:38 - 2016-09-30 19:28 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-09-30 18:37 - 2016-10-01 09:39 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Local\LogMeIn Hamachi
2016-09-30 18:37 - 2016-09-30 18:37 - 21874200 _____ (LastPass) C:\WINDOWS\SysWOW64\lastpass_1337.exe
2016-09-30 18:37 - 2016-09-30 18:37 - 00702464 _____ C:\WINDOWS\SysWOW64\lastpass_downloader.exe
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Local\lptmp
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Local\LogMeIn
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\ProgramData\LogMeIn
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-09-30 18:36 - 2016-09-30 18:37 - 00000997 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-09-30 18:35 - 2016-09-30 18:36 - 08409088 _____ C:\Users\TomĂˇĹˇ\Downloads\hamachi.msi
2016-09-30 16:43 - 2016-09-30 18:03 - 00000000 ____D C:\Program Files (x86)\Hide IP
2016-09-30 16:43 - 2016-09-30 16:43 - 00001001 _____ C:\Users\TomĂˇĹˇ\Desktop\Hide IP.lnk
2016-09-30 16:43 - 2016-09-30 16:43 - 00000032 _____ C:\WINDOWS\hip
2016-09-30 16:43 - 2016-09-30 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP
2016-09-30 16:42 - 2016-09-30 16:43 - 08212408 _____ C:\Users\TomĂˇĹˇ\Downloads\hideip.exe
2016-09-29 21:06 - 2016-09-29 21:06 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\NVIDIA
2016-09-29 21:05 - 2016-09-30 19:01 - 00002184 _____ C:\Users\TomĂˇĹˇ\Desktop\Counter-Strike 1.6 Non-Steam.lnk
2016-09-29 21:05 - 2016-09-29 21:05 - 00002208 _____ C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft\Windows\Start Menu\Counter-Strike 1.6 Non-Steam.lnk
2016-09-29 21:05 - 2016-09-29 21:05 - 00002204 _____ C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft\Windows\Start Menu\CS 1.6 Servery.lnk
2016-09-29 21:05 - 2016-09-29 21:05 - 00002180 _____ C:\Users\TomĂˇĹˇ\Desktop\CS 1.6 Servery.lnk
2016-09-29 21:01 - 2016-09-30 19:02 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2016-09-29 20:59 - 2012-06-07 15:50 - 255104495 _____ (GameSites.cz ) C:\Users\TomĂˇĹˇ\Desktop\Counter-Strike 1.6 non steam.exe
2016-09-29 20:20 - 2016-09-29 20:20 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft Games
2016-09-29 20:15 - 2016-09-29 20:15 - 00001071 _____ C:\Users\TomĂˇĹˇ\Desktop\GameSpy Arcade.lnk
2016-09-29 20:15 - 2016-09-29 20:15 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2016-09-29 20:14 - 2016-09-29 20:15 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2016-09-29 20:14 - 2016-09-29 20:14 - 00002230 _____ C:\Users\Public\Desktop\Rise of Nations Gold.lnk
2016-09-29 20:14 - 2016-09-29 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-09-29 20:03 - 2016-09-29 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2016-09-29 19:44 - 2014-04-08 13:25 - 1190807552 _____ C:\Users\TomĂˇĹˇ\Desktop\Rise-of-Nations-Gold-Edition+CZ_full.game.iso
2016-09-27 20:44 - 2016-09-27 20:54 - 65140963 _____ C:\Users\TomĂˇĹˇ\Documents\VID_20160916_155340.mp4
2016-09-27 20:27 - 2016-09-27 20:40 - 85002263 _____ C:\Users\TomĂˇĹˇ\Documents\VID_20160917_115920.mp4
2016-09-27 15:07 - 2016-09-27 16:47 - 1242386912 _____ C:\Users\TomĂˇĹˇ\Downloads\Lego-PĹ™ĂbÄ›h.cz.avi
2016-09-25 11:35 - 2016-09-25 13:15 - 1265264068 _____ C:\Users\TomĂˇĹˇ\Downloads\Atlas-mrakĹŻ-%2F-Cloud-Atlas-2012,-CZ.avi
2016-09-24 16:58 - 2016-09-24 16:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-21 20:05 - 2016-09-21 20:05 - 04609576 _____ (advancedpccare.net ) C:\Users\TomĂˇĹˇ\Downloads\apcprop.exe
2016-09-19 12:14 - 2016-09-21 22:21 - 00000000 ____D C:\ProgramData\iwinpi
2016-09-14 23:44 - 2016-09-21 22:21 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-09-14 22:49 - 2016-09-07 06:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-14 22:49 - 2016-09-07 06:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-14 22:49 - 2016-09-07 06:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-14 22:49 - 2016-09-07 06:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-14 22:49 - 2016-09-07 06:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-14 22:49 - 2016-09-07 06:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-14 22:49 - 2016-09-07 05:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-14 22:49 - 2016-09-07 05:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-14 22:49 - 2016-09-07 05:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-14 22:49 - 2016-09-07 05:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-14 22:49 - 2016-09-07 05:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-14 22:49 - 2016-09-07 05:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-14 22:49 - 2016-09-07 05:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-14 22:49 - 2016-09-07 05:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-14 22:49 - 2016-09-07 05:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-14 22:49 - 2016-09-07 05:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-14 22:49 - 2016-09-07 05:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-14 22:49 - 2016-09-07 05:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-14 22:49 - 2016-09-07 05:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-14 22:49 - 2016-09-07 05:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-14 22:49 - 2016-09-07 05:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-14 22:49 - 2016-09-07 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-14 22:49 - 2016-09-07 05:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-14 22:49 - 2016-09-07 05:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-14 22:49 - 2016-08-06 05:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-14 22:49 - 2016-08-06 04:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-14 22:49 - 2016-08-06 04:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-14 22:49 - 2016-08-06 04:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-14 22:49 - 2016-08-06 04:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-14 22:49 - 2016-08-06 04:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-14 22:49 - 2016-08-06 04:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-14 22:49 - 2016-08-06 04:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-14 22:49 - 2016-08-06 04:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-14 22:49 - 2016-08-06 04:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-14 22:49 - 2016-08-02 09:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-14 22:49 - 2016-08-02 09:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-14 22:49 - 2016-08-02 09:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-14 22:49 - 2016-08-02 09:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-14 22:49 - 2016-08-02 05:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-14 22:49 - 2016-07-22 01:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-14 22:48 - 2016-09-07 07:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-14 22:48 - 2016-09-07 06:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-14 22:48 - 2016-09-07 06:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-14 22:48 - 2016-09-07 06:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-14 22:48 - 2016-09-07 06:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-14 22:48 - 2016-09-07 06:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-14 22:48 - 2016-09-07 06:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-14 22:48 - 2016-09-07 06:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-14 22:48 - 2016-09-07 06:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-14 22:48 - 2016-09-07 06:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-14 22:48 - 2016-09-07 06:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-14 22:48 - 2016-09-07 06:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-14 22:48 - 2016-09-07 06:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-14 22:48 - 2016-09-07 06:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-14 22:48 - 2016-09-07 06:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-14 22:48 - 2016-09-07 06:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-14 22:48 - 2016-09-07 06:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-14 22:48 - 2016-09-07 06:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-14 22:48 - 2016-09-07 06:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-14 22:48 - 2016-09-07 05:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-14 22:48 - 2016-09-07 05:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-14 22:48 - 2016-09-07 05:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-14 22:48 - 2016-09-07 05:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-14 22:48 - 2016-09-07 05:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-14 22:48 - 2016-09-07 05:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-14 22:48 - 2016-09-07 05:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-14 22:48 - 2016-09-07 05:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-14 22:48 - 2016-09-07 05:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-14 22:48 - 2016-09-07 05:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-14 22:48 - 2016-09-07 05:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-14 22:48 - 2016-09-07 05:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-14 22:48 - 2016-09-07 05:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-14 22:48 - 2016-09-07 05:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-14 22:48 - 2016-09-07 05:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-14 22:48 - 2016-09-07 05:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-14 22:48 - 2016-09-07 05:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-14 22:48 - 2016-09-07 05:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-14 22:48 - 2016-09-07 05:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-14 22:48 - 2016-09-07 05:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-14 22:48 - 2016-09-07 05:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-14 22:48 - 2016-09-07 05:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-14 22:48 - 2016-09-07 05:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-14 22:48 - 2016-09-07 05:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-14 22:48 - 2016-09-07 05:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-14 22:48 - 2016-09-07 05:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-14 22:48 - 2016-08-06 05:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-14 22:48 - 2016-08-06 05:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-14 22:48 - 2016-08-06 04:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-14 10:36 - 2016-09-07 06:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-14 10:36 - 2016-09-07 06:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-14 10:36 - 2016-09-07 06:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-14 10:36 - 2016-09-07 06:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 06:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-14 10:36 - 2016-09-07 05:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-14 10:36 - 2016-09-07 05:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-14 10:36 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-14 10:36 - 2016-09-07 05:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-14 10:36 - 2016-09-07 05:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 10:36 - 2016-09-07 05:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-14 10:36 - 2016-09-07 05:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-14 10:36 - 2016-09-07 05:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-14 10:36 - 2016-09-07 05:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-14 10:36 - 2016-09-07 05:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-14 07:36 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-14 07:36 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-14 07:36 - 2016-09-07 05:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-14 07:36 - 2016-08-06 04:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-14 07:36 - 2016-08-06 04:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-14 07:35 - 2016-09-07 06:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-14 07:35 - 2016-09-07 06:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-14 07:35 - 2016-09-07 06:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-14 07:35 - 2016-09-07 06:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-14 07:35 - 2016-09-07 06:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-14 07:35 - 2016-09-07 06:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-14 07:35 - 2016-09-07 06:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 07:35 - 2016-09-07 06:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-14 07:35 - 2016-09-07 06:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-14 07:35 - 2016-09-07 06:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-14 07:35 - 2016-09-07 06:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-14 07:35 - 2016-09-07 06:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-14 07:35 - 2016-09-07 06:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-14 07:35 - 2016-09-07 06:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-14 07:35 - 2016-09-07 06:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-14 07:35 - 2016-09-07 06:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-14 07:35 - 2016-09-07 06:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-14 07:35 - 2016-09-07 06:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-14 07:35 - 2016-09-07 06:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-14 07:35 - 2016-09-07 06:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-14 07:35 - 2016-09-07 06:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-14 07:35 - 2016-09-07 06:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-14 07:35 - 2016-09-07 06:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-14 07:35 - 2016-09-07 06:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-14 07:35 - 2016-09-07 06:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-14 07:35 - 2016-09-07 06:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-14 07:35 - 2016-09-07 06:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-14 07:35 - 2016-09-07 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-14 07:35 - 2016-09-07 05:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-14 07:35 - 2016-09-07 05:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-14 07:35 - 2016-09-07 05:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-14 07:35 - 2016-09-07 05:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-14 07:35 - 2016-09-07 05:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-14 07:35 - 2016-09-07 05:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-14 07:35 - 2016-09-07 05:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-14 07:35 - 2016-09-07 05:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-14 07:35 - 2016-09-07 05:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-14 07:35 - 2016-09-07 05:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-14 07:35 - 2016-09-07 05:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-14 07:35 - 2016-09-07 05:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-14 07:35 - 2016-09-07 05:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-14 07:35 - 2016-09-07 05:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-14 07:35 - 2016-09-07 05:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-14 07:35 - 2016-09-07 05:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-14 07:35 - 2016-09-07 05:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-14 07:35 - 2016-09-07 05:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-14 07:35 - 2016-09-07 05:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-14 07:35 - 2016-09-07 05:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-14 07:35 - 2016-09-07 05:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-14 07:35 - 2016-09-07 05:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-14 07:35 - 2016-08-06 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 07:35 - 2016-08-02 09:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-14 07:35 - 2016-08-02 09:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-14 07:35 - 2016-08-02 09:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-14 07:35 - 2016-08-02 05:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-14 07:35 - 2016-08-02 05:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-14 07:35 - 2016-07-22 02:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-14 07:34 - 2016-09-07 06:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-14 07:34 - 2016-09-07 06:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-14 07:34 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-14 07:34 - 2016-09-07 06:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-14 07:34 - 2016-09-07 06:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-14 07:34 - 2016-09-07 06:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-14 07:34 - 2016-09-07 06:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-14 07:34 - 2016-09-07 06:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-14 07:34 - 2016-09-07 06:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-14 07:34 - 2016-09-07 06:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-14 07:34 - 2016-09-07 06:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-14 07:34 - 2016-09-07 05:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-14 07:34 - 2016-09-07 05:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-14 07:34 - 2016-09-07 05:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-14 07:34 - 2016-09-07 05:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-14 07:34 - 2016-09-07 05:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-14 07:34 - 2016-09-07 05:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-14 07:34 - 2016-09-07 05:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-14 07:34 - 2016-09-07 05:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-14 07:34 - 2016-09-07 05:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-14 07:34 - 2016-09-07 05:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-14 07:34 - 2016-09-07 05:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-14 07:34 - 2016-09-07 05:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-14 07:34 - 2016-09-07 05:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-14 07:34 - 2016-09-07 05:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-14 07:34 - 2016-09-07 05:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-14 07:34 - 2016-09-07 05:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-14 07:34 - 2016-09-07 05:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-14 07:34 - 2016-09-07 05:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-14 07:34 - 2016-09-07 05:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-14 07:34 - 2016-09-07 05:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-14 07:34 - 2016-09-07 05:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-14 07:34 - 2016-09-07 05:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-14 07:34 - 2016-09-07 05:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-14 07:34 - 2016-09-07 05:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-14 07:34 - 2016-09-07 05:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-14 07:34 - 2016-08-06 05:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-14 07:34 - 2016-08-06 04:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-14 07:33 - 2016-09-07 06:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-14 07:33 - 2016-09-07 06:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-14 07:33 - 2016-09-07 06:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-14 07:33 - 2016-09-07 06:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-14 07:33 - 2016-09-07 06:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 07:33 - 2016-09-07 06:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-14 07:33 - 2016-09-07 06:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-14 07:33 - 2016-09-07 06:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-14 07:33 - 2016-09-07 06:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-14 07:33 - 2016-09-07 06:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-14 07:33 - 2016-09-07 06:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-14 07:33 - 2016-09-07 06:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-14 07:33 - 2016-09-07 06:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-14 07:33 - 2016-09-07 06:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-14 07:33 - 2016-09-07 06:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-14 07:33 - 2016-09-07 06:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-14 07:33 - 2016-09-07 06:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-14 07:33 - 2016-09-07 05:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-14 07:33 - 2016-09-07 05:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-14 07:33 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-14 07:33 - 2016-09-07 05:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-14 07:33 - 2016-09-07 05:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-14 07:33 - 2016-09-07 05:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-14 07:33 - 2016-09-07 05:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-14 07:33 - 2016-09-07 05:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-14 07:33 - 2016-09-07 05:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-14 07:33 - 2016-09-07 05:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-14 07:33 - 2016-09-07 05:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-14 07:33 - 2016-09-07 05:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-14 07:33 - 2016-09-07 05:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-14 07:33 - 2016-09-07 05:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-14 07:33 - 2016-09-07 05:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-14 07:33 - 2016-09-07 05:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-14 07:33 - 2016-09-07 05:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-14 07:33 - 2016-09-07 05:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-14 07:33 - 2016-09-07 05:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-14 07:33 - 2016-09-07 05:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-14 07:33 - 2016-09-07 05:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-14 07:33 - 2016-09-07 05:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-14 07:33 - 2016-09-07 05:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-14 07:33 - 2016-08-06 05:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-14 07:33 - 2016-07-22 02:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-14 07:32 - 2016-09-07 06:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-14 07:32 - 2016-09-07 06:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-14 07:32 - 2016-09-07 06:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-14 07:32 - 2016-09-07 06:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-14 07:32 - 2016-09-07 06:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-14 07:32 - 2016-09-07 06:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-14 07:32 - 2016-09-07 06:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 07:32 - 2016-09-07 06:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-14 07:32 - 2016-09-07 06:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 07:32 - 2016-09-07 06:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-14 07:32 - 2016-09-07 05:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-14 07:32 - 2016-09-07 05:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-14 07:32 - 2016-09-07 05:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-14 07:32 - 2016-09-07 05:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-14 07:32 - 2016-09-07 05:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-14 07:32 - 2016-09-07 05:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-14 07:32 - 2016-09-07 05:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-14 07:32 - 2016-09-07 05:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-14 07:32 - 2016-09-07 05:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-14 07:32 - 2016-09-07 05:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-14 07:32 - 2016-09-07 05:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-14 07:32 - 2016-09-07 05:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-14 07:32 - 2016-09-07 05:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-14 07:32 - 2016-09-07 05:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-14 07:32 - 2016-09-07 05:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-14 07:32 - 2016-09-07 05:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-14 07:32 - 2016-09-07 05:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-14 07:32 - 2016-09-07 05:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-14 07:32 - 2016-09-07 05:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-14 07:32 - 2016-09-07 05:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-14 07:32 - 2016-09-07 05:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-14 07:32 - 2016-09-07 05:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-14 07:32 - 2016-09-07 05:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-14 07:32 - 2016-09-07 05:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-14 07:32 - 2016-09-07 05:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-14 07:32 - 2016-09-07 05:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-14 07:32 - 2016-09-07 05:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-14 07:32 - 2016-09-07 05:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-14 07:32 - 2016-08-06 04:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 07:32 - 2016-08-02 05:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-14 07:31 - 2016-09-07 06:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-14 07:31 - 2016-09-07 06:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-14 07:31 - 2016-09-07 06:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-14 07:31 - 2016-09-07 05:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-14 07:31 - 2016-09-07 05:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-14 07:31 - 2016-09-07 05:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-14 07:31 - 2016-09-07 05:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-14 07:31 - 2016-09-07 05:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-14 07:31 - 2016-09-07 05:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-14 07:31 - 2016-09-07 05:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-14 07:31 - 2016-09-07 05:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-14 07:31 - 2016-09-07 05:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-14 07:31 - 2016-09-07 05:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-14 07:31 - 2016-09-07 05:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-14 07:31 - 2016-09-07 05:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-14 07:31 - 2016-09-07 05:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-14 07:31 - 2016-09-07 05:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-14 07:31 - 2016-09-07 05:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 07:31 - 2016-09-07 05:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-14 07:31 - 2016-09-07 05:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-11 20:31 - 2016-09-11 20:31 - 00001148 ____R C:\Users\Public\Desktop\Counter Strike Source.lnk
2016-09-11 20:31 - 2016-09-11 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter Strike Source
2016-09-11 20:09 - 2016-09-30 19:33 - 00000000 ____D C:\Program Files (x86)\Counter Strike Source
2016-09-11 18:23 - 2016-09-11 19:43 - 1916624503 _____ C:\Users\TomĂˇĹˇ\Downloads\CounterStrike-Source-+-Online.rar
2016-09-10 01:13 - 2016-09-10 01:13 - 00002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NĂˇstroje Microsoft Office 2016
2016-09-10 00:54 - 2016-09-20 18:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-10 00:53 - 2016-09-10 00:53 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-10 00:51 - 2016-09-10 00:52 - 03783360 _____ (Microsoft Corporation) C:\Users\TomĂˇĹˇ\Downloads\Setup.X86.cs-CZ_O365HomePremRetail_078a81f1-0077-40ae-b667-a97ad439d6bd_TX_DB_.exe
2016-09-07 11:02 - 2016-09-07 11:02 - 00000376 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47138203.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47136359.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47136046.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47126593.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47126187.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000000 ____D C:\Program Files (x86)\mkdo37
2016-09-07 11:01 - 2016-09-07 11:01 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47114843.html
2016-09-07 11:01 - 2016-09-07 11:01 - 00000003 _____ C:\WINDOWS\SysWOW64\en_47114250.html
2016-09-06 12:57 - 2016-09-06 12:57 - 00112199 _____ C:\Users\TomĂˇĹˇ\Downloads\boarding-pass (2).pdf
2016-09-06 12:30 - 2016-09-14 23:44 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\WinZiper
2016-09-06 11:06 - 2016-09-06 11:06 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-09-05 11:00 - 2016-09-29 20:17 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-09-05 11:00 - 2016-09-21 20:50 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\setup1
2016-09-05 11:00 - 2016-09-06 12:30 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\eCyber
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\qksee
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\Program Files (x86)\p3zrqnlj
2016-09-04 16:05 - 2016-09-06 11:43 - 00247479 _____ C:\Users\TomĂˇĹˇ\Downloads\boarding-pass (1).pdf
2016-09-04 15:56 - 2016-09-04 15:56 - 00112199 _____ C:\Users\TomĂˇĹˇ\Downloads\boarding-pass.pdf
2016-09-01 03:13 - 2016-09-01 03:13 - 00001364 _____ C:\Users\TomĂˇĹˇ\Desktop\Far Cry 4.lnk
2016-09-01 03:13 - 2016-09-01 03:13 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\Far Cry 4
2016-09-01 03:13 - 2016-09-01 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2016-09-01 02:24 - 2016-09-01 02:24 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-01 09:54 - 2016-08-17 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-01 09:45 - 2016-08-17 13:15 - 01017304 _____ C:\WINDOWS\system32\perfh005.dat
2016-10-01 09:45 - 2016-08-17 13:15 - 00249888 _____ C:\WINDOWS\system32\perfc005.dat
2016-10-01 09:45 - 2016-08-17 12:45 - 02556330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-01 09:44 - 2016-08-17 22:34 - 00002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 09:39 - 2015-09-09 14:28 - 00000000 __SHD C:\Users\TomĂˇĹˇ\IntelGraphicsProfiles
2016-10-01 09:38 - 2016-08-17 12:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-01 09:37 - 2016-08-25 12:09 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19058317-4356-4C2C-B1DA-E4604E3E43AE}
2016-10-01 09:37 - 2016-08-17 12:51 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-10-01 09:37 - 2016-08-17 12:35 - 00000000 ____D C:\Users\TomĂˇĹˇ
2016-10-01 09:36 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-01 09:36 - 2016-08-17 13:04 - 00000000 ____D C:\WINDOWS\INF
2016-10-01 09:35 - 2016-08-25 22:18 - 00000000 ____D C:\ProgramData\5080015f-7225-0
2016-10-01 09:35 - 2016-08-25 22:18 - 00000000 ____D C:\ProgramData\5080015f-4f75-1
2016-10-01 09:35 - 2016-08-18 01:02 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Local\CrashDumps
2016-10-01 09:35 - 2016-08-17 16:57 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\vlc
2016-10-01 09:33 - 2016-08-17 12:23 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-30 20:50 - 2016-08-26 11:44 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\AIMP3
2016-09-30 20:50 - 2016-08-21 05:18 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\uTorrent
2016-09-30 20:50 - 2016-08-17 23:34 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\DAEMON Tools Lite
2016-09-30 20:49 - 2016-08-17 13:21 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-30 16:44 - 2016-08-25 22:18 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Roaming\Seznam.cz
2016-09-30 10:28 - 2016-08-17 13:06 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-29 20:21 - 2015-09-10 04:03 - 00000000 ____D C:\Users\TomĂˇĹˇ\Documents\My Games
2016-09-21 22:21 - 2016-08-31 01:59 - 00000000 ____D C:\Program Files (x86)\Verleried
2016-09-21 20:50 - 2016-08-05 13:00 - 00000000 ____D C:\Program Files (x86)\WinSaber
2016-09-21 19:37 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\rescache
2016-09-20 18:02 - 2016-08-17 13:06 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-16 21:47 - 2015-09-10 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-16 03:11 - 2016-08-17 12:23 - 00341456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-16 03:05 - 2016-08-17 13:06 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-16 03:05 - 2016-08-17 13:06 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-14 23:07 - 2016-08-17 18:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 22:57 - 2016-08-17 18:28 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-11 20:36 - 2016-08-17 16:23 - 00000000 ____D C:\Users\TomĂˇĹˇ\AppData\Local\VirtualStore
2016-09-10 02:01 - 2016-08-17 16:25 - 00002393 _____ C:\Users\TomĂˇĹˇ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-10 02:01 - 2015-09-10 03:31 - 00000000 ___RD C:\Users\TomĂˇĹˇ\OneDrive
2016-09-10 00:53 - 2016-08-17 13:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-07 17:32 - 2016-08-17 13:10 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 17:32 - 2016-08-17 13:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-01 19:09 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 07:47 - 2016-08-31 00:57 - 00000000 __HDC C:\Users\TomĂˇĹˇ\Desktop\crack 3
2016-09-01 04:27 - 2016-08-31 07:43 - 06074906 _____ (Lindersoft ) C:\Users\TomĂˇĹˇ\Downloads\Fallout3CZ_1.0.0.15_patch.exe

==================== Files in the root of some directories =======

2016-08-31 06:03 - 2016-08-31 06:03 - 0142336 ____H () C:\Program Files (x86)\local64spl.dll
2016-08-31 06:03 - 2016-08-31 06:03 - 0000020 ____H () C:\Program Files (x86)\local64spl.dll.ini
2016-08-18 01:06 - 2016-08-18 01:06 - 0000017 _____ () C:\Users\TomĂˇĹˇ\AppData\Local\resmon.resmoncfg
2016-08-17 12:30 - 2016-08-17 12:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-25 22:20 - 2016-08-26 01:20 - 0441344 _____ () C:\ProgramData\smp2.exe

Files to move or delete:
====================
C:\ProgramData\smp2.exe

Some files in TEMP:
====================
C:\Users\TomĂˇĹˇ\AppData\Local\Temp\66523936.t.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom ç\Desktop" je 1381 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 01 říj 2016 11:33

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

marecek91 · #3 Příspěvek od **marecek91** » 01 říj 2016 12:32

# AdwCleaner v6.020 - Log soubor vytvořen 01/10/2016 na 10:48:02
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-30.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Tomáš - GORO
# Beží od : C:\Users\Tomáš\Desktop\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služby smazány:SMUpd
[-] Služby smazány:SMUpdd

***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\5080015f-4f75-1
[-] Adresář smazán:C:\ProgramData\5080015f-7225-0
[-] Adresář smazán:C:\ProgramData\a26ae68f-0247-0
[-] Adresář smazán:C:\ProgramData\a26ae68f-6865-0
[-] Adresář smazán:C:\ProgramData\f11de6e2
[-] Adresář smazán:C:\ProgramData\iwinpi
[-] Adresář smazán:C:\ProgramData\{286900f3-012c-1}
[-] Adresář smazán:C:\ProgramData\{4a02332c-612c-0}
[-] Adresář smazán:C:\Users\Tomáš\AppData\Local\BrowserAir
[-] Adresář smazán:C:\Users\Tomáš\AppData\Roaming\eCyber
[-] Adresář smazán:C:\Users\Tomáš\AppData\Roaming\SpringFiles
[-] Adresář smazán:C:\Users\Tomáš\AppData\Roaming\qksee
[-] Adresář smazán:C:\Users\Tomáš\AppData\Roaming\WinZiper
[-] Adresář smazán:C:\Program Files\Common Files\Noobzo
[-] Adresář smazán:C:\ProgramData\SearchModule
[-] Adresář smazán:C:\ProgramData\ChelfNotify
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[-] Adresář smazán:C:\Program Files (x86)\WinSaber
[#] Adresář nelze smazat:C:\Program Files (x86)\winsaber
[-] Adresář smazán:C:\extensions

***** [ Soubory ] *****

[-] Soubor smazán:C:\WINDOWS\SysNative\bi3.exe
[-] Soubor smazán:C:\ProgramData\smp2.exe
[#] Soubor smazán:C:\ProgramData\smp2.exe
[-] Soubor smazán:C:\Program Files (x86)\local64spl.dll

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

[-] Zástupce dezinfikován:C:\Users\Public\Desktop\Grand Theft Auto V.lnk
[-] Zástupce dezinfikován:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Zástupce dezinfikován:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry\Grand Theft Auto V\Grand Theft Auto V.lnk
[-] Zástupce dezinfikován:C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Zástupce dezinfikován:C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Zástupce dezinfikován:C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Zástupce dezinfikován:C:\Users\Tomáš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\cb5740af1a9b4a02\Google Chrome.lnk

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKCU\Software\8d8a365431a792facbd5c58e723269b3
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[#] Klíč smazán po restartování:[x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\PRODUCTSETUP
[-] Klíč smazán:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\System Healer
[-] Klíč smazán:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\SrpnFiles
[-] Klíč smazán:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\csastats
[#] Klíč smazán po restartování:HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartování:HKCU\Software\System Healer
[#] Klíč smazán po restartování:HKCU\Software\SrpnFiles
[#] Klíč smazán po restartování:HKCU\Software\csastats
[-] Klíč smazán:HKLM\SOFTWARE\BrowserAir
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\SearchModule
[-] Klíč smazán:HKLM\SOFTWARE\SrpnFiles
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\trotuxSoftware
[-] Klíč smazán:HKLM\SOFTWARE\WinZiper
[-] Klíč smazán:HKLM\SOFTWARE\WinSaberSvc
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search module
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klíč smazán:HKLM\SOFTWARE\CLIENTS\Corner Sunshine
[#] Klíč smazán po restartování:[x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartování:[x64] HKCU\Software\System Healer
[#] Klíč smazán po restartování:[x64] HKCU\Software\SrpnFiles
[#] Klíč smazán po restartování:[x64] HKCU\Software\csastats
[-] Klíč smazán:[x64] HKLM\SOFTWARE\SearchModule
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\CLIENTS\Corner Sunshine
[-] Data obnovena:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč smazán:HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\SearchScopes\{40A21A0B-01F4-4622-BAB6-BE77126F8520}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{40A21A0B-01F4-4622-BAB6-BE77126F8520}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{40A21A0B-01F4-4622-BAB6-BE77126F8520}
[-] Data obnovena:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2cc58bc7-deaa-489a-af6d-a9c13a902f30} [NameServer]
[-] Data obnovena:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{923e35e7-4354-42fb-8421-4538b5de6ced} [NameServer]
[-] Data obnovena:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b37d25c1-3e70-4a82-9e2c-4b8cb8cd0bbf} [NameServer]
[-] Data obnovena:HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{db896915-99ea-4978-b31e-c646860bd52f} [NameServer]
[-] Data obnovena:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2cc58bc7-deaa-489a-af6d-a9c13a902f30} [NameServer]
[-] Data obnovena:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{923e35e7-4354-42fb-8421-4538b5de6ced} [NameServer]
[-] Data obnovena:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b37d25c1-3e70-4a82-9e2c-4b8cb8cd0bbf} [NameServer]
[-] Data obnovena:[x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{db896915-99ea-4978-b31e-c646860bd52f} [NameServer]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Klíč smazán:HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E
[-] Klíč smazán:HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán:HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán:HKCU\Software\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa
[#] Klíč smazán po restartování:[x64] HKCU\Software\Google\Chrome\Extensions\jlcgehabolcakkjhgmgpkagpolbjlhfa

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10807 Bajtů] - [01/10/2016 10:48:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [13407 Bajtů] - [01/10/2016 10:46:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10957 Bajtů] ##########

#4 Příspěvek od **Rudy** » 01 říj 2016 18:27

Dejte nový log FRST.

marecek91 · #5 Příspěvek od **marecek91** » 01 říj 2016 20:39

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-09-2016
Ran by Tomáš (01-10-2016 20:32:49)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-17 11:43:56)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3340955704-2885399049-3513640934-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3340955704-2885399049-3513640934-1003 - Limited - Enabled)
DefaultAccount (S-1-5-21-3340955704-2885399049-3513640934-503 - Limited - Disabled)
Guest (S-1-5-21-3340955704-2885399049-3513640934-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3340955704-2885399049-3513640934-1012 - Limited - Enabled)
Tomáš (S-1-5-21-3340955704-2885399049-3513640934-1001 - Administrator - Enabled) => C:\Users\Tomáš

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Aktualizace NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 372.54 - NVIDIA Corporation) Hidden
Bus Driver (HKLM-x32\...\Bus Driver_is1) (Version: - TopWare Poland Sp. z o.o.)
Bus Simulator (HKLM-x32\...\Bus Simulator_is1) (Version: - Global Software Publishing Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Counter Strike Source v1.0.0.34 (HKLM-x32\...\{91CD08AA-5402-4C64-A9CA-C7B4A479C003}_is1) (Version: - )
Counter-Strike 1.6 v42 (HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V_is1) (Version: 1.0.350.1 - Rockstar)
grid 2 (HKLM-x32\...\grid 2_is1) (Version: - )
Hide IP 2.0 (HKLM-x32\...\Hide IP_is1) (Version: - Volcano Force)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 3.0.6.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.6.49 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 372.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.54 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.0.6.49 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Ovládací panel NVIDIA 372.54 (Version: 372.54 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Seznam Software (HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 7.1.0310 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.6.49 - NVIDIA Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C44F32F-2AAC-4E92-93B6-CF779EE242D4} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {2BD50959-BC95-454E-96A9-46F2A7BE7E00} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {321C8DD7-DF8A-4518-8BDA-93482291AC89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation)
Task: {3BCBBAA0-1B6B-4693-B9E9-8DC62ECEE831} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-17] (NVIDIA Corporation)
Task: {46A9B89A-A75C-480C-8070-99E3925B418A} - System32\Tasks\Windows Update KB134122 => (null)\vdm.exe
Task: {5725C321-922F-48C2-814E-4CECD392D461} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation)
Task: {6C7194B7-8E06-48A1-ADF5-F914009A66B6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-17] (NVIDIA Corporation)
Task: {6E594801-1F26-49AC-91FE-FF611153E5A7} - System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E} => C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}\46B5891B-F11E-3EB0-AD45-9E733C900421.exe [2016-10-01] () <==== ATTENTION
Task: {7B654E29-0A16-4EEF-90AE-8148F9007C67} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {83D14615-5D17-404A-9B2A-64E7E8FFB263} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {882D0DF0-3237-49A1-B363-336820920084} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-17] (Google Inc.)
Task: {8B1D2579-F9C7-4B41-BC25-15CB82E2FB38} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-17] (NVIDIA Corporation)
Task: {9816785D-7CDE-4D96-8239-B5D9C82030FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {C8A446FC-4C99-4603-8920-4091D1C959D6} - System32\Tasks\SMW_UpdateTask_Time_313939353837363230342d2355786c325a5b5734412d34 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {D6C62068-0093-4D01-89CA-EB9181B41442} - System32\Tasks\Windows Security Firewall runtime script => (null)\vdm.exe
Task: {D9F3BD51-54E6-4DB1-A106-7C2D195BFC33} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {F24773E4-F3BA-4A91-9280-46E372FDB17B} - System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\f11de6e2\ff4cb89d.dll" <==== ATTENTION
Task: {FBC32A78-AC48-4F49-9992-D8033843A994} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-17] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=tunseplikuphgeqerent --app-id=jjphmlaoffndcnecccgemfdaaoighkel

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-14 07:35 - 2016-09-07 06:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-17 12:28 - 2016-08-11 13:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-31 06:03 - 2016-08-31 06:03 - 00142336 ____H () C:\Program Files (x86)_\local64spl.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 00418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-14 07:35 - 2016-09-07 06:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-10 02:01 - 2016-09-10 02:01 - 00959168 _____ () C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00130048 ____N () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-14 07:34 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-14 07:33 - 2016-09-07 05:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-14 07:34 - 2016-09-07 05:57 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-09-14 07:31 - 2016-09-07 05:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-14 22:49 - 2016-09-07 05:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 22:49 - 2016-09-07 05:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-14 07:33 - 2016-09-07 05:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-14 07:31 - 2016-09-07 05:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-29 12:41 - 2016-09-29 12:41 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-29 12:41 - 2016-09-29 12:41 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-29 12:41 - 2016-09-29 12:41 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-01 10:22 - 2016-09-17 05:40 - 00502328 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-01 10:22 - 2016-09-17 05:40 - 00257592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-01 10:22 - 2016-09-17 05:40 - 02799552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-01 10:22 - 2016-09-17 05:40 - 00244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-01 10:22 - 2016-09-17 05:40 - 00430648 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-01 10:22 - 2016-09-17 05:40 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-01 10:22 - 2016-09-17 05:40 - 00373696 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-08-17 13:07 - 2016-08-17 13:03 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{71AE921C-4548-4BFB-A018-47704C43BE80}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{C8047791-8D63-40CB-A207-1CAC8918B643}C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{A31E1472-2189-430A-82F5-519F86C68C09}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{D5BB423B-8147-4CE5-8219-05024B3C6353}] => (Block) C:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{1FFB05F6-A71B-4B30-9FD1-25A40458CE50}C:\users\tomáš\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tomáš\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0B184678-50F6-4A90-8E58-1BDCABBB33F8}C:\users\tomáš\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\tomáš\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{010BCA7D-F5B8-417F-9F2C-CE55F065EB37}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{26621B52-762E-4239-8B71-AA9B758326CC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{28C1550A-089E-4EC8-9BF2-A6729FDB20CC}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{892FD43D-95AE-4BED-BD63-1CABDB921EFD}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{04ABE863-ACF5-4307-8371-AE1F774249F7}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{300AFE73-4CCC-46A1-836B-FA0BDDBE6E23}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [{7110CE54-D886-4F1E-B662-2157FCECF746}] => (Block) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [{5832254D-1814-46F8-9AC5-0DC592E76FD1}] => (Block) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe
FirewallRules: [{A8629BC3-829F-4B00-933D-A4ED14B2EB19}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{CA592029-68CE-4A47-9C24-41AD35076326}C:\program files (x86)\counter strike source\hl2.exe] => (Allow) C:\program files (x86)\counter strike source\hl2.exe
FirewallRules: [UDP Query User{BFCADC3D-6187-4C09-8038-38A1FB8C9A50}C:\program files (x86)\counter strike source\hl2.exe] => (Allow) C:\program files (x86)\counter strike source\hl2.exe
FirewallRules: [{5311051F-AED5-4029-8926-103BB5A91272}] => (Block) C:\program files (x86)\counter strike source\hl2.exe
FirewallRules: [{834E5273-53B6-494C-8061-71095609969F}] => (Block) C:\program files (x86)\counter strike source\hl2.exe
FirewallRules: [{AC23A857-5BBC-440C-BE6F-4D544D3CA661}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E519693F-CA56-40D5-9365-C159C76E5DA9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [{0D8DF16F-258E-4BDA-B202-FF7123F001FE}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe
FirewallRules: [TCP Query User{FDB4B8E0-8416-4C4F-9269-6DB23806B6AC}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [UDP Query User{50E1946C-EC58-4D74-8D17-1713D2948CA6}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [{BA6F78A3-4893-4510-858A-C428F5F7C246}] => (Block) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [{2F786F69-EEA8-40A6-91DD-EA6B3AC6F086}] => (Block) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [TCP Query User{F20B1E6C-5610-4AF8-9C09-1BAE8A944020}C:\program files (x86)\counter-strike 1.6 non-steam\hlds.exe] => (Block) C:\program files (x86)\counter-strike 1.6 non-steam\hlds.exe
FirewallRules: [UDP Query User{9B0D2B66-D4A2-4DF0-BF27-F28F43363802}C:\program files (x86)\counter-strike 1.6 non-steam\hlds.exe] => (Block) C:\program files (x86)\counter-strike 1.6 non-steam\hlds.exe
FirewallRules: [{E7E1AE1F-A570-4FA5-A10F-2A788D45FA76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{264F4F85-7950-46F4-8D51-8DE877503BC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{46411B59-160A-4428-8E85-09FA53C50D1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1FE2ED1B-4BF0-4C66-AC0C-5E9D2196FCE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{044F86E8-2191-4AEB-BB87-4EC99DE5A8AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

21-09-2016 18:29:42 Naplánovaný kontrolní bod
29-09-2016 20:37:14 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2016 08:24:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko: 0x4445c334
Název chybujícího modulu: filesystem_steam.dll, verze: 0.0.0.0, časové razítko: 0x47e2d72b
Kód výjimky: 0xc0000005
Posun chyby: 0x00010d9c
ID chybujícího procesu: 0x1e64
Čas spuštění chybující aplikace: 0x01d21c168d1d482d
Cesta k chybující aplikaci: C:\Program Files (x86)\Counter Strike Source\hl2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Counter Strike Source\bin\filesystem_steam.dll
ID zprávy: 0834e63c-5a54-4c14-a2d7-b16ea4194d88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/01/2016 07:54:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (10/01/2016 07:53:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/01/2016 04:41:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: GORO)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147023673. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/01/2016 04:26:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: City-Bus.exe, verze: 0.0.0.0, časové razítko: 0x432d2170
Název chybujícího modulu: acknex.dll, verze: 6.32.2.0, časové razítko: 0x445b1779
Kód výjimky: 0xc0000005
Posun chyby: 0x001d26f0
ID chybujícího procesu: 0x1500
Čas spuštění chybující aplikace: 0x01d21bf81c6d11f2
Cesta k chybující aplikaci: C:\Program Files (x86)\Bus Simulator\City-Bus.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bus Simulator\acknex.dll
ID zprávy: a43ecc86-b1a6-4ce1-af98-a6ee5c909733
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/01/2016 04:25:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: City-Bus.exe, verze: 0.0.0.0, časové razítko: 0x432d2170
Název chybujícího modulu: acknex.dll, verze: 6.32.2.0, časové razítko: 0x445b1779
Kód výjimky: 0xc0000005
Posun chyby: 0x001d26f0
ID chybujícího procesu: 0xc6c
Čas spuštění chybující aplikace: 0x01d21bf7df934075
Cesta k chybující aplikaci: C:\Program Files (x86)\Bus Simulator\City-Bus.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Bus Simulator\acknex.dll
ID zprávy: 6ff5a04a-6aee-4771-a7f7-e7b3290afa05
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/01/2016 03:29:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko: 0x4445c334
Název chybujícího modulu: filesystem_steam.dll, verze: 0.0.0.0, časové razítko: 0x47e2d72b
Kód výjimky: 0xc0000005
Posun chyby: 0x00010d9c
ID chybujícího procesu: 0xee4
Čas spuštění chybující aplikace: 0x01d21bdcb7dd6e46
Cesta k chybující aplikaci: C:\Program Files (x86)\Counter Strike Source\hl2.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Counter Strike Source\bin\filesystem_steam.dll
ID zprávy: 6b363eb9-2ca7-4bc4-a798-95475d63152b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/01/2016 01:07:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program csko.exe verze 1.1.1.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 144c

Čas spuštění: 01d21bdbfc2e0703

Čas ukončení: 208

Cesta k aplikaci: C:\Counter-Strike 1.6\csko.exe

ID hlášení: 759542b2-87cf-11e6-84cf-14dda905d658

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (10/01/2016 11:43:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.14393.0, časové razítko: 0x57898e92
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72efcd40
ID chybujícího procesu: 0x1d44
Čas spuštění chybující aplikace: 0x01d21bd0a94a6538
Cesta k chybující aplikaci: C:\WINDOWS\SysWoW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: cfa96f1c-799d-45d2-b994-dc4b20f6553e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/01/2016 11:43:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.14393.0, časové razítko: 0x57898e92
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72efcd40
ID chybujícího procesu: 0x260
Čas spuštění chybující aplikace: 0x01d21bd098fb622c
Cesta k chybující aplikaci: C:\WINDOWS\SysWoW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 463393b6-b897-409d-b7c4-ce34e436376e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (10/01/2016 12:58:00 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače MARECZEK,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{923E35E7-4354-42FB-8421-4538B5DE6CED}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (10/01/2016 11:53:01 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.16.
Počítač s IP adresou 192.168.0.12 nepovolil získání názvu
tímto počítačem.

Error: (10/01/2016 10:49:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_3238d byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (10/01/2016 10:49:29 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (10/01/2016 10:47:16 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (10/01/2016 10:46:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/01/2016 10:46:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (10/01/2016 10:46:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/01/2016 10:46:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/01/2016 10:46:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LogMeIn Hamachi Tunneling Engine byla neočekávaně ukončena. Tento stav nastal již 1krát.

CodeIntegrity:
===================================
Date: 2016-10-01 11:48:52.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_dac0245a363caab4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-10-01 09:38:29.318
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-10-01 09:37:01.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-30 19:29:13.572
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-30 16:11:50.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_dac0245a363caab4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-29 20:17:41.058
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-21 17:53:39.766
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_dac0245a363caab4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-09-20 22:53:27.686
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-20 21:53:26.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-20 20:53:26.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Common Files\Noobzo\GNUpdate\smw.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 36%
Total physical RAM: 3982.3 MB
Available physical RAM: 2533.91 MB
Total Virtual: 4686.3 MB
Available Virtual: 3012.68 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:140.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:190.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D2B50195)

Partition: GPT.

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 01 říj 2016 21:24

Toto je pouze addition. Potřebuji vidět ještě log FRST.

marecek91 · #7 Příspěvek od **marecek91** » 02 říj 2016 16:18

Omlouvám se za chybku, spletl jsem si soubory, přeposílám to z jiného PC, zde FRST log..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-09-2016
Ran by Tomáš (administrator) on GORO (01-10-2016 20:28:09)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1841088 2016-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [454792 2016-05-25] (Power Software Ltd)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-09-13] (LogMeIn Inc.)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [uTorrent] => C:\Users\Tomáš\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2016-08-21] (BitTorrent Inc.)
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKLM\...\Providers\4hz2hmnn: C:\Program Files (x86)\\local64spl.dll
HKLM\...\Providers\cemrsbcc: C:\Program Files (x86)_\local64spl.dll [142336 2016-08-31] ()
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{2cc58bc7-deaa-489a-af6d-a9c13a902f30}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{b37d25c1-3e70-4a82-9e2c-4b8cb8cd0bbf}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{db896915-99ea-4978-b31e-c646860bd52f}: [DhcpNameServer] 82.163.143.157

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434112809&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434148714&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131189519434202568&GUID=7EE51068-E3E4-4F75-A1A9-0ED606CA8C92
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=147324253 ... WRP2XYWRPX

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR HomePage: tunseplikuphgeqerent -> hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp
CHR StartupUrls: tunseplikuphgeqerent -> "hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp"
CHR DefaultSearchURL: tunseplikuphgeqerent -> hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
CHR DefaultSearchKeyword: tunseplikuphgeqerent -> nuesearch
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent [2016-10-01] <==== ATTENTION
CHR Extension: (Prezentace Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-17]
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-17]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-17]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-25]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-08-25]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-17]
CHR Extension: (Adblock na Youtube™) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-09-07]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-08-17]
CHR Extension: (Tabulky Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-17]
CHR Extension: (Floating for YouTube™) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2016-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-17]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-17]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2621448 2016-09-13] (LogMeIn Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457152 2016-09-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457152 2016-09-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-09-17] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-03-01] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-03-01] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-08-31] (LogMeIn Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_dac0245a363caab4\nvlddmkm.sys [14199360 2016-08-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-09-17] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [28344 2016-05-12] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-09-17] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-01 20:27 - 2016-10-01 20:27 - 02404352 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2016-10-01 20:25 - 2016-10-01 20:25 - 00015327 _____ C:\Users\Tomáš\Desktop\LM.bat
2016-10-01 19:56 - 2016-10-01 19:58 - 00000000 ____D C:\Users\Tomáš\Documents\Bus Driver
2016-10-01 19:55 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2016-10-01 19:55 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2016-10-01 19:55 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2016-10-01 19:55 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2016-10-01 19:55 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2016-10-01 19:55 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2016-10-01 19:55 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2016-10-01 19:55 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2016-10-01 19:55 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2016-10-01 19:55 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2016-10-01 19:55 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2016-10-01 19:55 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2016-10-01 19:55 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2016-10-01 19:55 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2016-10-01 19:54 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2016-10-01 19:54 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2016-10-01 19:54 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2016-10-01 19:54 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2016-10-01 19:54 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2016-10-01 19:54 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2016-10-01 19:54 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2016-10-01 19:54 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2016-10-01 19:54 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2016-10-01 19:54 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2016-10-01 19:54 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2016-10-01 19:54 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2016-10-01 19:54 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2016-10-01 19:54 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2016-10-01 19:54 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2016-10-01 19:54 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2016-10-01 19:54 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2016-10-01 19:54 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2016-10-01 17:53 - 2016-10-01 17:53 - 00001970 _____ C:\Users\Public\Desktop\Bus Driver.lnk
2016-10-01 17:53 - 2016-10-01 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Driver
2016-10-01 17:52 - 2016-10-01 17:53 - 00000000 ____D C:\Program Files (x86)\Bus Driver
2016-10-01 17:01 - 2016-10-01 17:01 - 00000000 ____D C:\Users\Tomáš\Desktop\Čeština
2016-10-01 17:01 - 2016-10-01 17:01 - 00000000 ____D C:\Users\Tomáš\Desktop\Bus Driver
2016-10-01 16:28 - 2016-10-01 16:51 - 522018430 _____ C:\Users\Tomáš\Downloads\Bus-Driver-PLNA-VERZE.rar
2016-10-01 16:24 - 2016-10-01 16:24 - 00002005 _____ C:\Users\Tomáš\Desktop\Bus Simulator.lnk
2016-10-01 16:24 - 2016-10-01 16:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Simulator
2016-10-01 16:15 - 2016-10-01 16:24 - 00000000 ____D C:\Program Files (x86)\Bus Simulator
2016-10-01 16:13 - 2008-05-12 17:05 - 754352128 _____ C:\Users\Tomáš\Desktop\pro-bus08.iso
2016-10-01 15:39 - 2016-10-01 16:11 - 749202503 _____ C:\Users\Tomáš\Downloads\Bus-Simulator-2008.iso.rar
2016-10-01 12:50 - 2016-10-01 13:08 - 00001601 _____ C:\Users\Tomáš\Desktop\Counter-Strike 1.6.lnk
2016-10-01 12:50 - 2016-10-01 12:50 - 00001547 _____ C:\Users\Tomáš\Desktop\Half-Life.lnk
2016-10-01 12:50 - 2016-10-01 12:50 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2016-10-01 12:42 - 2016-10-01 13:08 - 00000000 ____D C:\Counter-Strike 1.6
2016-10-01 12:41 - 2016-10-01 12:41 - 283728880 _____ (Valve ) C:\Users\Tomáš\Desktop\Counter-strike-1.6.exe
2016-10-01 11:37 - 2016-10-01 11:59 - 283728966 _____ C:\Users\Tomáš\Desktop\Counter-Strike-1.6-Full-Install.rar
2016-10-01 11:07 - 2016-10-01 11:07 - 00001015 _____ C:\Users\Tomáš\Desktop\LogMeIn Hamachi.lnk
2016-10-01 10:51 - 2016-10-01 10:51 - 00011121 _____ C:\Users\Tomáš\Desktop\AdwCleaner[C0].txt
2016-10-01 10:38 - 2016-10-01 10:48 - 00000000 ____D C:\AdwCleaner
2016-10-01 10:37 - 2016-10-01 10:38 - 03861056 _____ C:\Users\Tomáš\Downloads\adwcleaner_6.020 (1).exe
2016-10-01 10:36 - 2016-10-01 10:38 - 03861056 _____ C:\Users\Tomáš\Desktop\adwcleaner_6.020.exe
2016-10-01 10:23 - 2016-10-01 10:23 - 00000000 ____D C:\Users\Tomáš\AppData\Local\CEF
2016-10-01 10:22 - 2016-10-01 10:22 - 00003980 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00003952 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00003916 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00003890 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00003728 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00003686 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-10-01 10:22 - 2016-10-01 10:22 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-10-01 10:22 - 2016-10-01 10:22 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-10-01 10:22 - 2016-10-01 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-10-01 10:22 - 2016-09-17 07:11 - 01841088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 01448384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-10-01 10:22 - 2016-09-17 07:11 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-10-01 10:22 - 2016-09-17 05:10 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-10-01 10:21 - 2016-09-17 07:11 - 00104384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-10-01 10:21 - 2016-09-17 07:11 - 00094144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-10-01 10:21 - 2016-09-17 07:11 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-10-01 10:14 - 2016-10-01 20:25 - 00029696 _____ C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2016-10-01 10:11 - 2016-10-01 20:29 - 00015170 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-10-01 09:59 - 2016-10-01 09:59 - 00088310 _____ C:\Users\Tomáš\Desktop\FRST3.txt
2016-10-01 09:58 - 2016-10-01 10:07 - 00038435 _____ C:\Users\Tomáš\Desktop\Addition.txt
2016-10-01 09:53 - 2016-10-01 20:28 - 00000000 ____D C:\FRST
2016-10-01 09:51 - 2016-10-01 09:53 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2016-10-01 09:35 - 2016-10-01 09:35 - 00003882 _____ C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638}
2016-10-01 09:34 - 2016-10-01 09:34 - 00003972 _____ C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E}
2016-10-01 09:34 - 2016-10-01 09:34 - 00000000 ____D C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}
2016-09-30 20:47 - 2016-09-30 20:47 - 00002848 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-30 20:47 - 2016-09-30 20:47 - 00000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-30 20:47 - 2016-09-30 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-30 20:47 - 2016-09-30 20:47 - 00000000 ____D C:\Program Files\CCleaner
2016-09-30 20:46 - 2016-09-30 20:47 - 08244656 _____ (Piriform Ltd) C:\Users\Tomáš\Downloads\ccsetup522.exe
2016-09-30 18:38 - 2016-09-30 19:28 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2016-09-30 18:38 - 2016-09-30 19:28 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2016-09-30 18:37 - 2016-10-01 14:34 - 00000000 ____D C:\Users\Tomáš\AppData\Local\LogMeIn Hamachi
2016-09-30 18:37 - 2016-09-30 18:37 - 21874200 _____ (LastPass) C:\WINDOWS\SysWOW64\lastpass_1337.exe
2016-09-30 18:37 - 2016-09-30 18:37 - 00702464 _____ C:\WINDOWS\SysWOW64\lastpass_downloader.exe
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Users\Tomáš\AppData\Local\lptmp
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Users\Tomáš\AppData\Local\LogMeIn
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\ProgramData\LogMeIn
2016-09-30 18:37 - 2016-09-30 18:37 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-09-30 18:35 - 2016-09-30 18:36 - 08409088 _____ C:\Users\Tomáš\Downloads\hamachi.msi
2016-09-30 16:43 - 2016-09-30 18:03 - 00000000 ____D C:\Program Files (x86)\Hide IP
2016-09-30 16:43 - 2016-09-30 16:43 - 00000032 _____ C:\WINDOWS\hip
2016-09-30 16:43 - 2016-09-30 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP
2016-09-30 16:42 - 2016-09-30 16:43 - 08212408 _____ C:\Users\Tomáš\Downloads\hideip.exe
2016-09-29 21:06 - 2016-09-29 21:06 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\NVIDIA
2016-09-29 21:01 - 2016-10-01 11:39 - 00000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2016-09-29 20:59 - 2012-06-07 15:50 - 255104495 _____ (GameSites.cz ) C:\Users\Tomáš\Desktop\Counter-Strike 1.6 non steam.exe
2016-09-29 20:20 - 2016-09-29 20:20 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft Games
2016-09-29 20:15 - 2016-09-29 20:15 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2016-09-29 20:14 - 2016-09-29 20:15 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2016-09-29 20:14 - 2016-09-29 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2016-09-29 20:03 - 2016-09-29 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2016-09-27 20:44 - 2016-09-27 20:54 - 65140963 _____ C:\Users\Tomáš\Documents\VID_20160916_155340.mp4
2016-09-27 20:27 - 2016-09-27 20:40 - 85002263 _____ C:\Users\Tomáš\Documents\VID_20160917_115920.mp4
2016-09-27 15:07 - 2016-09-27 16:47 - 1242386912 _____ C:\Users\Tomáš\Downloads\Lego-Příběh.cz.avi
2016-09-25 11:35 - 2016-09-25 13:15 - 1265264068 _____ C:\Users\Tomáš\Downloads\Atlas-mraků-%2F-Cloud-Atlas-2012,-CZ.avi
2016-09-24 16:58 - 2016-09-24 16:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-21 20:05 - 2016-09-21 20:05 - 04609576 _____ (advancedpccare.net ) C:\Users\Tomáš\Downloads\apcprop.exe
2016-09-14 23:44 - 2016-09-21 22:21 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-09-14 22:49 - 2016-09-07 06:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-14 22:49 - 2016-09-07 06:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-14 22:49 - 2016-09-07 06:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-14 22:49 - 2016-09-07 06:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-14 22:49 - 2016-09-07 06:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-14 22:49 - 2016-09-07 06:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-14 22:49 - 2016-09-07 06:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-14 22:49 - 2016-09-07 06:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-14 22:49 - 2016-09-07 06:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-14 22:49 - 2016-09-07 05:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-14 22:49 - 2016-09-07 05:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-14 22:49 - 2016-09-07 05:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-14 22:49 - 2016-09-07 05:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-14 22:49 - 2016-09-07 05:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-14 22:49 - 2016-09-07 05:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-14 22:49 - 2016-09-07 05:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-14 22:49 - 2016-09-07 05:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-14 22:49 - 2016-09-07 05:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-14 22:49 - 2016-09-07 05:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-14 22:49 - 2016-09-07 05:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-14 22:49 - 2016-09-07 05:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-14 22:49 - 2016-09-07 05:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-14 22:49 - 2016-09-07 05:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-14 22:49 - 2016-09-07 05:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-14 22:49 - 2016-09-07 05:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-14 22:49 - 2016-09-07 05:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-14 22:49 - 2016-09-07 05:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-14 22:49 - 2016-09-07 05:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-14 22:49 - 2016-09-07 05:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-14 22:49 - 2016-09-07 05:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-14 22:49 - 2016-09-07 05:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-14 22:49 - 2016-08-06 05:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-14 22:49 - 2016-08-06 04:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-14 22:49 - 2016-08-06 04:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-14 22:49 - 2016-08-06 04:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-14 22:49 - 2016-08-06 04:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-14 22:49 - 2016-08-06 04:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-14 22:49 - 2016-08-06 04:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-14 22:49 - 2016-08-06 04:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-14 22:49 - 2016-08-06 04:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-14 22:49 - 2016-08-06 04:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-14 22:49 - 2016-08-02 09:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-14 22:49 - 2016-08-02 09:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-14 22:49 - 2016-08-02 09:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-14 22:49 - 2016-08-02 09:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-14 22:49 - 2016-08-02 05:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-14 22:49 - 2016-07-22 01:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-14 22:48 - 2016-09-07 07:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-14 22:48 - 2016-09-07 06:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-14 22:48 - 2016-09-07 06:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-14 22:48 - 2016-09-07 06:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-14 22:48 - 2016-09-07 06:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-14 22:48 - 2016-09-07 06:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-14 22:48 - 2016-09-07 06:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-14 22:48 - 2016-09-07 06:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-14 22:48 - 2016-09-07 06:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-14 22:48 - 2016-09-07 06:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-14 22:48 - 2016-09-07 06:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-14 22:48 - 2016-09-07 06:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-14 22:48 - 2016-09-07 06:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-14 22:48 - 2016-09-07 06:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-14 22:48 - 2016-09-07 06:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-14 22:48 - 2016-09-07 06:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-14 22:48 - 2016-09-07 06:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-14 22:48 - 2016-09-07 06:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-14 22:48 - 2016-09-07 06:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-14 22:48 - 2016-09-07 05:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-14 22:48 - 2016-09-07 05:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-14 22:48 - 2016-09-07 05:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-14 22:48 - 2016-09-07 05:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-14 22:48 - 2016-09-07 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-14 22:48 - 2016-09-07 05:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-14 22:48 - 2016-09-07 05:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-14 22:48 - 2016-09-07 05:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-14 22:48 - 2016-09-07 05:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-14 22:48 - 2016-09-07 05:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-14 22:48 - 2016-09-07 05:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-14 22:48 - 2016-09-07 05:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-14 22:48 - 2016-09-07 05:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-14 22:48 - 2016-09-07 05:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-14 22:48 - 2016-09-07 05:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-14 22:48 - 2016-09-07 05:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-14 22:48 - 2016-09-07 05:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-14 22:48 - 2016-09-07 05:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-14 22:48 - 2016-09-07 05:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-14 22:48 - 2016-09-07 05:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-14 22:48 - 2016-09-07 05:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-14 22:48 - 2016-09-07 05:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-14 22:48 - 2016-09-07 05:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-14 22:48 - 2016-09-07 05:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-14 22:48 - 2016-09-07 05:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-14 22:48 - 2016-09-07 05:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-14 22:48 - 2016-09-07 05:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-14 22:48 - 2016-09-07 05:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-14 22:48 - 2016-09-07 05:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-14 22:48 - 2016-09-07 05:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-14 22:48 - 2016-08-06 05:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-14 22:48 - 2016-08-06 05:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-14 22:48 - 2016-08-06 04:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-14 10:36 - 2016-09-07 06:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-14 10:36 - 2016-09-07 06:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-14 10:36 - 2016-09-07 06:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-14 10:36 - 2016-09-07 06:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 06:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-14 10:36 - 2016-09-07 05:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-14 10:36 - 2016-09-07 05:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-14 10:36 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-14 10:36 - 2016-09-07 05:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-14 10:36 - 2016-09-07 05:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-14 10:36 - 2016-09-07 05:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 10:36 - 2016-09-07 05:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-14 10:36 - 2016-09-07 05:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-14 10:36 - 2016-09-07 05:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-14 10:36 - 2016-09-07 05:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-14 10:36 - 2016-09-07 05:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-14 07:36 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-14 07:36 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-14 07:36 - 2016-09-07 05:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-14 07:36 - 2016-08-06 04:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-14 07:36 - 2016-08-06 04:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-14 07:35 - 2016-09-07 06:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-14 07:35 - 2016-09-07 06:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-14 07:35 - 2016-09-07 06:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-14 07:35 - 2016-09-07 06:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-14 07:35 - 2016-09-07 06:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-14 07:35 - 2016-09-07 06:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-14 07:35 - 2016-09-07 06:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-14 07:35 - 2016-09-07 06:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-14 07:35 - 2016-09-07 06:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-14 07:35 - 2016-09-07 06:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-14 07:35 - 2016-09-07 06:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-14 07:35 - 2016-09-07 06:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-14 07:35 - 2016-09-07 06:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-14 07:35 - 2016-09-07 06:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-14 07:35 - 2016-09-07 06:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-14 07:35 - 2016-09-07 06:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-14 07:35 - 2016-09-07 06:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-14 07:35 - 2016-09-07 06:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-14 07:35 - 2016-09-07 06:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-14 07:35 - 2016-09-07 06:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-14 07:35 - 2016-09-07 06:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-14 07:35 - 2016-09-07 06:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-14 07:35 - 2016-09-07 06:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-14 07:35 - 2016-09-07 06:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-14 07:35 - 2016-09-07 06:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-14 07:35 - 2016-09-07 06:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-14 07:35 - 2016-09-07 06:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-14 07:35 - 2016-09-07 06:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-14 07:35 - 2016-09-07 05:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-14 07:35 - 2016-09-07 05:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-14 07:35 - 2016-09-07 05:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-14 07:35 - 2016-09-07 05:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-14 07:35 - 2016-09-07 05:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-14 07:35 - 2016-09-07 05:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-14 07:35 - 2016-09-07 05:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-14 07:35 - 2016-09-07 05:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-14 07:35 - 2016-09-07 05:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-14 07:35 - 2016-09-07 05:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-14 07:35 - 2016-09-07 05:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-14 07:35 - 2016-09-07 05:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-14 07:35 - 2016-09-07 05:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-14 07:35 - 2016-09-07 05:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-14 07:35 - 2016-09-07 05:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-14 07:35 - 2016-09-07 05:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-14 07:35 - 2016-09-07 05:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-14 07:35 - 2016-09-07 05:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-14 07:35 - 2016-09-07 05:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-14 07:35 - 2016-09-07 05:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-14 07:35 - 2016-09-07 05:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-14 07:35 - 2016-09-07 05:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-14 07:35 - 2016-09-07 05:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-14 07:35 - 2016-09-07 05:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-14 07:35 - 2016-09-07 05:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-14 07:35 - 2016-09-07 05:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-14 07:35 - 2016-09-07 05:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-14 07:35 - 2016-09-07 05:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-14 07:35 - 2016-08-06 04:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 07:35 - 2016-08-02 09:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-14 07:35 - 2016-08-02 09:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-14 07:35 - 2016-08-02 09:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-14 07:35 - 2016-08-02 05:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-14 07:35 - 2016-08-02 05:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-14 07:35 - 2016-07-22 02:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-14 07:34 - 2016-09-07 06:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-14 07:34 - 2016-09-07 06:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-14 07:34 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-14 07:34 - 2016-09-07 06:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-14 07:34 - 2016-09-07 06:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-14 07:34 - 2016-09-07 06:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-14 07:34 - 2016-09-07 06:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-14 07:34 - 2016-09-07 06:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-14 07:34 - 2016-09-07 06:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-14 07:34 - 2016-09-07 06:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-14 07:34 - 2016-09-07 06:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-14 07:34 - 2016-09-07 06:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-14 07:34 - 2016-09-07 06:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-14 07:34 - 2016-09-07 05:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-14 07:34 - 2016-09-07 05:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-14 07:34 - 2016-09-07 05:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-14 07:34 - 2016-09-07 05:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-14 07:34 - 2016-09-07 05:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-14 07:34 - 2016-09-07 05:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-14 07:34 - 2016-09-07 05:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-14 07:34 - 2016-09-07 05:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-14 07:34 - 2016-09-07 05:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-14 07:34 - 2016-09-07 05:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-14 07:34 - 2016-09-07 05:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-14 07:34 - 2016-09-07 05:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-14 07:34 - 2016-09-07 05:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-14 07:34 - 2016-09-07 05:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-14 07:34 - 2016-09-07 05:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-14 07:34 - 2016-09-07 05:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-14 07:34 - 2016-09-07 05:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-14 07:34 - 2016-09-07 05:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-14 07:34 - 2016-09-07 05:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-14 07:34 - 2016-09-07 05:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-14 07:34 - 2016-09-07 05:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-14 07:34 - 2016-09-07 05:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-14 07:34 - 2016-09-07 05:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-14 07:34 - 2016-09-07 05:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-14 07:34 - 2016-09-07 05:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-14 07:34 - 2016-09-07 05:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-14 07:34 - 2016-09-07 05:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-14 07:34 - 2016-09-07 05:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-14 07:34 - 2016-08-06 05:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-14 07:34 - 2016-08-06 04:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-14 07:33 - 2016-09-07 06:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-14 07:33 - 2016-09-07 06:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-14 07:33 - 2016-09-07 06:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-14 07:33 - 2016-09-07 06:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-14 07:33 - 2016-09-07 06:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-14 07:33 - 2016-09-07 06:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-14 07:33 - 2016-09-07 06:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-14 07:33 - 2016-09-07 06:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-14 07:33 - 2016-09-07 06:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-14 07:33 - 2016-09-07 06:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-14 07:33 - 2016-09-07 06:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-14 07:33 - 2016-09-07 06:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-14 07:33 - 2016-09-07 06:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-14 07:33 - 2016-09-07 06:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-14 07:33 - 2016-09-07 06:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-14 07:33 - 2016-09-07 06:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-14 07:33 - 2016-09-07 06:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-14 07:33 - 2016-09-07 06:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-14 07:33 - 2016-09-07 05:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-14 07:33 - 2016-09-07 05:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-14 07:33 - 2016-09-07 05:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-14 07:33 - 2016-09-07 05:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-14 07:33 - 2016-09-07 05:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-14 07:33 - 2016-09-07 05:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-14 07:33 - 2016-09-07 05:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-14 07:33 - 2016-09-07 05:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-14 07:33 - 2016-09-07 05:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-14 07:33 - 2016-09-07 05:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-14 07:33 - 2016-09-07 05:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-14 07:33 - 2016-09-07 05:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-14 07:33 - 2016-09-07 05:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-14 07:33 - 2016-09-07 05:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-14 07:33 - 2016-09-07 05:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-14 07:33 - 2016-09-07 05:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-14 07:33 - 2016-09-07 05:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-14 07:33 - 2016-09-07 05:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-14 07:33 - 2016-09-07 05:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-14 07:33 - 2016-09-07 05:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-14 07:33 - 2016-09-07 05:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-14 07:33 - 2016-09-07 05:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-14 07:33 - 2016-09-07 05:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-14 07:33 - 2016-08-06 05:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-14 07:33 - 2016-07-22 02:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-14 07:32 - 2016-09-07 06:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-14 07:32 - 2016-09-07 06:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-14 07:32 - 2016-09-07 06:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-14 07:32 - 2016-09-07 06:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-14 07:32 - 2016-09-07 06:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-14 07:32 - 2016-09-07 06:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-14 07:32 - 2016-09-07 06:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-14 07:32 - 2016-09-07 06:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-14 07:32 - 2016-09-07 06:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 07:32 - 2016-09-07 06:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-14 07:32 - 2016-09-07 05:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-14 07:32 - 2016-09-07 05:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-14 07:32 - 2016-09-07 05:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-14 07:32 - 2016-09-07 05:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-14 07:32 - 2016-09-07 05:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-14 07:32 - 2016-09-07 05:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-14 07:32 - 2016-09-07 05:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-14 07:32 - 2016-09-07 05:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-14 07:32 - 2016-09-07 05:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-14 07:32 - 2016-09-07 05:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-14 07:32 - 2016-09-07 05:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-14 07:32 - 2016-09-07 05:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-14 07:32 - 2016-09-07 05:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-14 07:32 - 2016-09-07 05:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-14 07:32 - 2016-09-07 05:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-14 07:32 - 2016-09-07 05:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-14 07:32 - 2016-09-07 05:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-14 07:32 - 2016-09-07 05:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-14 07:32 - 2016-09-07 05:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-14 07:32 - 2016-09-07 05:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-14 07:32 - 2016-09-07 05:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-14 07:32 - 2016-09-07 05:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-14 07:32 - 2016-09-07 05:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-14 07:32 - 2016-09-07 05:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-14 07:32 - 2016-09-07 05:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-14 07:32 - 2016-09-07 05:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-14 07:32 - 2016-09-07 05:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-14 07:32 - 2016-09-07 05:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-14 07:32 - 2016-09-07 05:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-14 07:32 - 2016-09-07 05:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-14 07:32 - 2016-09-07 05:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-14 07:32 - 2016-09-07 05:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-14 07:32 - 2016-09-07 05:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-14 07:32 - 2016-09-07 05:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-14 07:32 - 2016-08-06 04:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-14 07:32 - 2016-08-02 05:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-14 07:31 - 2016-09-07 06:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-14 07:31 - 2016-09-07 06:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-14 07:31 - 2016-09-07 06:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-14 07:31 - 2016-09-07 05:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-14 07:31 - 2016-09-07 05:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-14 07:31 - 2016-09-07 05:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-14 07:31 - 2016-09-07 05:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-14 07:31 - 2016-09-07 05:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-14 07:31 - 2016-09-07 05:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-14 07:31 - 2016-09-07 05:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-14 07:31 - 2016-09-07 05:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-14 07:31 - 2016-09-07 05:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-14 07:31 - 2016-09-07 05:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-14 07:31 - 2016-09-07 05:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-14 07:31 - 2016-09-07 05:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-14 07:31 - 2016-09-07 05:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-14 07:31 - 2016-09-07 05:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-14 07:31 - 2016-09-07 05:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-14 07:31 - 2016-09-07 05:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-14 07:31 - 2016-09-07 05:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-14 07:31 - 2016-09-07 05:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-11 20:31 - 2016-09-11 20:31 - 00001148 ____R C:\Users\Public\Desktop\Counter Strike Source.lnk
2016-09-11 20:31 - 2016-09-11 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter Strike Source
2016-09-11 20:09 - 2016-10-01 20:03 - 00000000 ____D C:\Program Files (x86)\Counter Strike Source
2016-09-11 18:23 - 2016-09-11 19:43 - 1916624503 _____ C:\Users\Tomáš\Downloads\CounterStrike-Source-+-Online.rar
2016-09-10 01:13 - 2016-09-10 01:13 - 00002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-10 01:13 - 2016-09-10 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-09-10 00:54 - 2016-09-20 18:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-10 00:53 - 2016-09-10 00:53 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-10 00:51 - 2016-09-10 00:52 - 03783360 _____ (Microsoft Corporation) C:\Users\Tomáš\Downloads\Setup.X86.cs-CZ_O365HomePremRetail_078a81f1-0077-40ae-b667-a97ad439d6bd_TX_DB_.exe
2016-09-07 11:02 - 2016-09-07 11:02 - 00000376 _____ C:\WINDOWS\SysWOW64\data.bin
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47138203.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47136359.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47136046.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47126593.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47126187.html
2016-09-07 11:02 - 2016-09-07 11:02 - 00000000 ____D C:\Program Files (x86)\mkdo37
2016-09-07 11:01 - 2016-09-07 11:01 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_47114843.html
2016-09-07 11:01 - 2016-09-07 11:01 - 00000003 _____ C:\WINDOWS\SysWOW64\en_47114250.html
2016-09-06 12:57 - 2016-09-06 12:57 - 00112199 _____ C:\Users\Tomáš\Downloads\boarding-pass (2).pdf
2016-09-06 11:06 - 2016-09-06 11:06 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-09-05 11:00 - 2016-09-21 20:50 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\setup1
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-09-05 11:00 - 2016-09-05 11:00 - 00000000 ____D C:\Program Files (x86)\p3zrqnlj
2016-09-04 16:05 - 2016-09-06 11:43 - 00247479 _____ C:\Users\Tomáš\Downloads\boarding-pass (1).pdf
2016-09-04 15:56 - 2016-09-04 15:56 - 00112199 _____ C:\Users\Tomáš\Downloads\boarding-pass.pdf
2016-09-01 02:24 - 2016-10-01 11:42 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-01 20:24 - 2016-08-18 01:02 - 00000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2016-10-01 19:53 - 2016-08-17 16:57 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2016-10-01 19:40 - 2016-08-17 12:23 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-01 16:14 - 2016-08-17 23:34 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
2016-10-01 15:47 - 2016-08-25 12:09 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{19058317-4356-4C2C-B1DA-E4604E3E43AE}
2016-10-01 12:02 - 2016-08-17 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-01 11:41 - 2016-08-17 16:22 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2016-10-01 11:41 - 2016-08-17 13:06 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-01 11:41 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-01 10:55 - 2016-08-17 13:15 - 01032102 _____ C:\WINDOWS\system32\perfh005.dat
2016-10-01 10:55 - 2016-08-17 13:15 - 00254288 _____ C:\WINDOWS\system32\perfc005.dat
2016-10-01 10:55 - 2016-08-17 12:45 - 02584980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-01 10:55 - 2016-08-17 12:35 - 00000000 ____D C:\Users\Tomáš
2016-10-01 10:50 - 2016-08-17 23:43 - 00000000 ____D C:\Users\Tomáš\AppData\Local\NVIDIA Corporation
2016-10-01 10:50 - 2015-09-09 14:28 - 00000000 __SHD C:\Users\Tomáš\IntelGraphicsProfiles
2016-10-01 10:49 - 2016-08-17 12:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-01 10:49 - 2016-08-17 12:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-01 10:48 - 2016-08-17 12:51 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-10-01 10:47 - 2016-08-18 02:21 - 00000809 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-10-01 10:47 - 2016-08-17 22:34 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 10:23 - 2016-08-17 12:27 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-10-01 10:22 - 2016-08-17 23:41 - 00000000 ____D C:\Users\Tomáš\AppData\Local\NVIDIA
2016-10-01 10:22 - 2016-08-17 23:41 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-01 10:22 - 2016-08-17 13:04 - 00000000 ____D C:\WINDOWS\INF
2016-10-01 10:22 - 2016-08-17 12:27 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-30 20:50 - 2016-08-26 11:44 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\AIMP3
2016-09-30 20:50 - 2016-08-21 05:18 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2016-09-30 20:49 - 2016-08-17 13:21 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-30 16:44 - 2016-08-25 22:18 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2016-09-29 20:21 - 2015-09-10 04:03 - 00000000 ____D C:\Users\Tomáš\Documents\My Games
2016-09-21 22:21 - 2016-08-31 01:59 - 00000000 ____D C:\Program Files (x86)\Verleried
2016-09-21 19:37 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\rescache
2016-09-20 18:02 - 2016-08-17 13:06 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-16 21:47 - 2015-09-10 06:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-16 03:11 - 2016-08-17 12:23 - 00341456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-16 03:06 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-16 03:05 - 2016-08-17 13:06 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-16 03:05 - 2016-08-17 13:06 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-14 23:07 - 2016-08-17 18:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 22:57 - 2016-08-17 18:28 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-11 20:36 - 2016-08-17 16:23 - 00000000 ____D C:\Users\Tomáš\AppData\Local\VirtualStore
2016-09-10 02:01 - 2016-08-17 16:25 - 00002393 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-10 02:01 - 2015-09-10 03:31 - 00000000 ___RD C:\Users\Tomáš\OneDrive
2016-09-10 00:53 - 2016-08-17 13:06 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-07 17:32 - 2016-08-17 13:10 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 17:32 - 2016-08-17 13:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-01 19:09 - 2016-08-17 13:06 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 07:47 - 2016-08-31 00:57 - 00000000 __HDC C:\Users\Tomáš\Desktop\crack 3
2016-09-01 04:27 - 2016-08-31 07:43 - 06074906 _____ (Lindersoft ) C:\Users\Tomáš\Downloads\Fallout3CZ_1.0.0.15_patch.exe

==================== Files in the root of some directories =======

2016-08-31 06:03 - 2016-08-31 06:03 - 0000020 ____H () C:\Program Files (x86)\local64spl.dll.ini
2016-10-01 10:14 - 2016-10-01 20:25 - 0029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2016-08-18 01:06 - 2016-08-18 01:06 - 0000017 _____ () C:\Users\Tomáš\AppData\Local\resmon.resmoncfg
2016-08-17 12:30 - 2016-08-17 12:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\66523936.t.exe
C:\Users\Tomáš\AppData\Local\Temp\libeay32.dll
C:\Users\Tomáš\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomáš\AppData\Local\Temp\sqlite3.dll
C:\Users\Tomáš\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-25 16:40

==================== End of FRST.txt ============================

#8 Příspěvek od **Rudy** » 02 říj 2016 16:35

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Edge HomeButtonPage: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=14 ... WRP2XYWRPX
CHR HomePage: tunseplikuphgeqerent -> hxxp://www.trotux.com/?z=7e347ef786ee6d ... PX&type=hp
CHR StartupUrls: tunseplikuphgeqerent -> "hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp"
CHR DefaultSearchURL: tunseplikuphgeqerent -> hxxp://www.nuesearch.com/search/?type=d ... 2XYWRPX&q={searchTerms}
CHR DefaultSearchKeyword: tunseplikuphgeqerent -> nuesearch
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent [2016-10-01] <==== ATTENTION
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638}
C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E}
C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}
C:\ProgramData\DP45977C.lfl
C:\Users\Tomáš\AppData\Local\Temp
Task: {6E594801-1F26-49AC-91FE-FF611153E5A7} - System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E} => C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}\46B5891B-F11E-3EB0-AD45-9E733C900421.exe [2016-10-01] () <==== ATTENTION
Task: {C8A446FC-4C99-4603-8920-4091D1C959D6} - System32\Tasks\SMW_UpdateTask_Time_313939353837363230342d2355786c325a5b5734412d34 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {F24773E4-F3BA-4A91-9280-46E372FDB17B} - System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\f11de6e2\ff4cb89d.dll" <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

marecek91 · #9 Příspěvek od **marecek91** » 02 říj 2016 18:30

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-09-2016
Ran by Tomáš (02-10-2016 17:06:52) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Edge HomeButtonPage: HKU\S-1-5-21-3340955704-2885399049-3513640934-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=14 ... WRP2XYWRPX
CHR HomePage: tunseplikuphgeqerent -> hxxp://www.trotux.com/?z=7e347ef786ee6d ... PX&type=hp
CHR StartupUrls: tunseplikuphgeqerent -> "hxxp://www.trotux.com/?z=7e347ef786ee6d71858e6 ... PX&type=hp"
CHR DefaultSearchURL: tunseplikuphgeqerent -> hxxp://www.nuesearch.com/search/?type=d ... 2XYWRPX&q={searchTerms}
CHR DefaultSearchKeyword: tunseplikuphgeqerent -> nuesearch
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent [2016-10-01] <==== ATTENTION
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638}
C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E}
C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}
C:\ProgramData\DP45977C.lfl
C:\Users\Tomáš\AppData\Local\Temp
Task: {6E594801-1F26-49AC-91FE-FF611153E5A7} - System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E} => C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}\46B5891B-F11E-3EB0-AD45-9E733C900421.exe [2016-10-01] () <==== ATTENTION
Task: {C8A446FC-4C99-4603-8920-4091D1C959D6} - System32\Tasks\SMW_UpdateTask_Time_313939353837363230342d2355786c325a5b5734412d34 => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {F24773E4-F3BA-4A91-9280-46E372FDB17B} - System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\f11de6e2\ff4cb89d.dll" <==== ATTENTION
End
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => key removed successfully
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-3340955704-2885399049-3513640934-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\tunseplikuphgeqerent => moved successfully
"C:\WINDOWS\LastGood.Tmp" => not found.
C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638} => moved successfully
C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E} => moved successfully

"C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}" folder move:

Could not move "C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C}" => Scheduled to move on reboot.

C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Tomáš\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tomáš\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E594801-1F26-49AC-91FE-FF611153E5A7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E594801-1F26-49AC-91FE-FF611153E5A7}" => key removed successfully
C:\WINDOWS\System32\Tasks\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4D376E07-FA9C-D9AC-DDED-EB8BC07B4C2E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8A446FC-4C99-4603-8920-4091D1C959D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8A446FC-4C99-4603-8920-4091D1C959D6}" => key removed successfully
C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_313939353837363230342d2355786c325a5b5734412d34 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_313939353837363230342d2355786c325a5b5734412d34" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F24773E4-F3BA-4A91-9280-46E372FDB17B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F24773E4-F3BA-4A91-9280-46E372FDB17B}" => key removed successfully
C:\WINDOWS\System32\Tasks\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8F7CA10A-DFD1-7483-8FE6-6AA2142FD638}" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-10-2016 18:18:00)

C:\ProgramData\{6229CE64-D582-79CF-C82E-777BDCAD636C} => Is moved successfully
C:\Users\Tomáš\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:18:02 ====

#10 Příspěvek od **Rudy** » 02 říj 2016 18:31

Smazáno. Nastala nějaká změna?

marecek91 · #11 Příspěvek od **marecek91** » 02 říj 2016 19:50

Vyřešeno, Disk je vytížený jen chvíli po startu oken, jinak do 10%, reklamy nikde, domovská stránka na Chrome jde opět nastavit "normálně". Vše vypadá OK. Díky moc

zasílám něco málo za pomoc na účet fóra.
Ať se daří

M.

#12 Příspěvek od **Rudy** » 02 říj 2016 20:06

Děkujeme za přání i za příspěvek a vy nemáte zač!

VIRY.CZ

Vytížený disk- svchost.exe, zpomalený net

Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net

Re: Vytížený disk- svchost.exe, zpomalený net