
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
spomalene pc...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
spomalene pc...
Prosim o kontrolu, mam to veeelmi spomalene
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016
Ran by Pc (administrator) on PC-PC (14-10-2016 15:54:38)
Running from C:\Users\Pc\Desktop
Loaded Profiles: Pc (Available Profiles: Pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2091600439-2394510615-2102914365-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2091600439-2394510615-2102914365-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29645440 2016-09-12] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{305766B3-C17C-4590-AA62-12106D7E17F8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKLM -> {F55FDD56-CAF4-447F-ADDA-73474815FF48} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2091600439-2394510615-2102914365-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091600439-2394510615-2102914365-1000 -> {F55FDD56-CAF4-447F-ADDA-73474815FF48} URL =
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Pomocník pri prihlasovaní v sieti Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/SK/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default [2016-10-14]
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-07-04]
FF Extension: (Firefox Hotfix) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-10-13] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5337184 2012-11-12] (Intel Corporation) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236888 2016-08-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-21] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-21] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-10-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-14 15:54 - 2016-10-14 15:55 - 00014355 _____ C:\Users\Pc\Desktop\FRST.txt
2016-10-14 15:54 - 2016-10-14 15:54 - 00000000 ____D C:\FRST
2016-10-14 15:52 - 2016-10-14 15:52 - 02406912 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2016-10-13 19:55 - 2016-10-13 19:55 - 00249141 _____ C:\Users\Pc\Documents\Rozmery DOKAR2.pdf
2016-10-11 23:00 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 22:58 - 2016-09-30 22:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 22:58 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 22:58 - 2016-09-30 17:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:58 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-11 22:58 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-11 22:58 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 22:58 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 22:58 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 22:58 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 22:58 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 22:58 - 2016-09-30 08:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:58 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 22:58 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 22:58 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 22:58 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 22:58 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 22:58 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 22:58 - 2016-09-30 07:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:58 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 22:58 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 22:58 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 22:58 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 22:58 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 22:58 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 22:58 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 22:58 - 2016-09-15 17:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 22:58 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 22:58 - 2016-09-12 23:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 22:58 - 2016-09-12 23:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 22:58 - 2016-09-12 23:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 22:58 - 2016-09-12 23:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 22:58 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 22:58 - 2016-09-12 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 22:58 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 22:58 - 2016-09-12 22:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 22:58 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 22:58 - 2016-09-12 20:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 22:58 - 2016-09-12 20:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 22:58 - 2016-09-10 18:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:58 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 22:58 - 2016-09-09 20:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 22:58 - 2016-09-09 20:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 22:58 - 2016-09-09 20:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 22:58 - 2016-09-09 20:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-11 22:58 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 22:58 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 22:58 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 22:58 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 22:58 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 22:58 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 22:58 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 22:58 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 22:58 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 22:58 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-11 22:58 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-11 22:58 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:58 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-11 22:58 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 22:58 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 22:58 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 22:58 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-11 22:58 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 22:58 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 22:58 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 22:58 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-11 22:58 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-11 22:58 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 22:58 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 22:57 - 2016-09-30 08:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 08:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:57 - 2016-09-30 08:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 22:57 - 2016-09-30 08:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 22:57 - 2016-09-30 08:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 08:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 22:57 - 2016-09-30 08:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 22:57 - 2016-09-30 08:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 08:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57 - 2016-09-30 08:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 07:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 07:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 22:57 - 2016-09-30 07:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 22:57 - 2016-09-30 07:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 07:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 07:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 22:57 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-11 22:57 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-11 22:57 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 07:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 22:57 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-11 22:57 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-11 22:57 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-11 22:57 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-11 22:57 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-11 22:57 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 22:57 - 2016-09-15 17:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 22:57 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-11 22:57 - 2016-09-12 22:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 22:57 - 2016-09-12 22:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 22:57 - 2016-09-12 22:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 22:57 - 2016-09-12 22:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 22:57 - 2016-09-12 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 22:57 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-11 22:57 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57 - 2016-09-09 19:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 22:57 - 2016-09-09 19:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57 - 2016-09-09 19:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-11 22:57 - 2016-09-09 19:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 22:57 - 2016-09-09 19:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-11 22:57 - 2016-09-09 19:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-11 22:57 - 2016-09-09 19:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-11 22:57 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-11 22:57 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 22:57 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-11 22:51 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 22:51 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 22:51 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 22:51 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 22:51 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 22:51 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 22:51 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 22:50 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 22:50 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 22:50 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-11 22:49 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 22:49 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-09 11:06 - 2016-10-09 11:06 - 00256620 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP BUR. PRACE 2 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00256406 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP BUR. PRACE 1 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00239014 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP NOVY STAV 2 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00180242 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP NOVY STAV 1 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00065225 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PPREZ A-A STAVEBNE UPRAVY.pdf
2016-10-09 10:58 - 2016-10-09 10:58 - 00073196 _____ C:\Users\Pc\Downloads\10 - Stavebné úpravy pre výstavbu pošta slepák.xlsx
2016-10-08 10:33 - 2016-10-08 10:33 - 00673455 _____ C:\Users\Pc\Documents\IMG_20161008_0004.pdf
2016-10-08 10:31 - 2016-10-08 10:31 - 00644633 _____ C:\Users\Pc\Documents\IMG_20161008_0003.pdf
2016-10-08 10:29 - 2016-10-08 10:29 - 00634792 _____ C:\Users\Pc\Documents\IMG_20161008_0002.pdf
2016-10-08 10:26 - 2016-10-08 10:26 - 00645620 _____ C:\Users\Pc\Documents\IMG_20161008_0001.pdf
2016-10-07 13:33 - 2016-10-07 13:33 - 00227831 _____ C:\Users\Pc\Documents\Diplom Husarik.pdf
2016-10-04 19:49 - 2016-10-04 19:49 - 00020670 _____ C:\Users\Pc\Downloads\Modus-S01E08(0000265714).srt
2016-10-04 19:47 - 2016-10-04 19:47 - 00021409 _____ C:\Users\Pc\Downloads\Modus-S01E06(0000265507).srt
2016-10-03 19:36 - 2016-10-03 19:36 - 00024321 _____ C:\Users\Pc\Downloads\Modus-S01E05(0000265449).srt
2016-10-03 19:35 - 2016-10-03 19:35 - 00024324 _____ C:\Users\Pc\Downloads\Modus-S01E05(0000265905).srt
2016-10-03 19:34 - 2016-10-03 19:34 - 00025855 _____ C:\Users\Pc\Downloads\Modus-S01E04(0000265337).srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00026162 _____ C:\Users\Pc\Downloads\Modus-S01E02(0000263409).srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00026160 _____ C:\Users\Pc\Downloads\Modus.S01E02.720p.HDTV.x265.srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00023585 _____ C:\Users\Pc\Downloads\Modus-S01E03(0000264119).srt
2016-10-03 19:32 - 2016-10-03 19:32 - 00025585 _____ C:\Users\Pc\Downloads\Modus.S01E01.720p.HDTV.x265.srt
2016-10-03 19:31 - 2016-10-03 19:31 - 00025587 _____ C:\Users\Pc\Downloads\Modus-S01E01(0000263091).srt
2016-09-26 19:28 - 2016-09-26 19:28 - 00221627 _____ C:\Users\Pc\Downloads\StM-216146 H2H Malacky, RD Dokar2.pdf
2016-09-25 11:59 - 2016-09-25 11:59 - 00035840 _____ C:\Users\Pc\Downloads\Rozpočet Rekreačno oddychový areál Holič Ľuboš.xls
2016-09-24 14:04 - 2016-09-24 14:04 - 00013420 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e03.the.fuzzy.boots.corollary.(2007).eng.1cd.(5734894).zip
2016-09-24 14:01 - 2016-09-24 14:01 - 00013663 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e02.the.big.bran.hypothesis.(2007).eng.1cd.(5724694).zip
2016-09-24 14:00 - 2016-09-24 14:00 - 00013179 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e01.pilot.(2007).eng.1cd.(6422696).zip
2016-09-22 21:04 - 2016-09-22 21:04 - 00037363 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E09(0000262949).srt
2016-09-22 20:58 - 2016-09-22 20:58 - 00028910 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E10(0000263224).srt
2016-09-22 20:45 - 2016-09-22 20:45 - 00039322 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E08(0000262419).srt
2016-09-22 20:43 - 2016-09-22 20:43 - 00038240 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E07(0000262092).srt
2016-09-22 20:39 - 2016-09-22 20:39 - 00042666 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E06(0000261770).srt
2016-09-22 18:10 - 2016-09-22 18:11 - 00040272 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E05(0000261367).srt
2016-09-22 18:06 - 2016-09-22 18:06 - 00038351 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E04(0000261065).srt
2016-09-21 21:11 - 2016-09-21 21:11 - 00035436 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E03(0000260674).srt
2016-09-21 21:05 - 2016-09-21 21:05 - 00038281 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E02(0000260455).srt
2016-09-21 21:02 - 2016-09-21 21:02 - 00038191 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E02(0000260308).srt
2016-09-21 15:08 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 15:08 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 22:06 - 2016-09-20 22:06 - 00035424 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E01(0000259988).srt
2016-09-15 00:53 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-15 00:53 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-15 00:53 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-15 00:52 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-09-15 00:52 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-09-15 00:52 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-09-15 00:52 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-09-15 00:52 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-15 00:52 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-09-15 00:52 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-09-15 00:52 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-15 00:52 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-15 00:52 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-09-15 00:52 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-09-15 00:52 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-09-15 00:52 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-09-15 00:52 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-09-15 00:52 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-15 00:52 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-09-15 00:52 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-09-15 00:52 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-09-15 00:52 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-09-15 00:52 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-09-15 00:52 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-09-15 00:51 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-15 00:51 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-15 00:51 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-15 00:51 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-15 00:51 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-15 00:51 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-15 00:51 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-15 00:51 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-14 15:44 - 2014-07-09 18:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-14 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-14 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-14 15:31 - 2015-01-19 20:23 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2016-10-14 03:11 - 2014-10-15 20:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-13 19:58 - 2016-03-19 19:56 - 00000000 ____D C:\Users\Pc\AppData\Roaming\FileAdvisor
2016-10-13 18:57 - 2009-07-14 07:13 - 00782744 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-13 18:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-13 09:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 07:27 - 2014-10-17 13:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-12 07:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-12 07:27 - 2009-07-14 06:45 - 00433200 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 07:26 - 2014-08-11 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 07:26 - 2014-08-11 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 07:23 - 2014-12-11 04:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 07:23 - 2014-07-11 22:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 07:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 07:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 07:03 - 2014-07-11 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 06:58 - 2014-07-11 20:25 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 06:56 - 2014-08-11 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 15:32 - 2014-07-30 19:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 15:31 - 2014-07-30 19:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 15:31 - 2014-07-30 19:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 15:31 - 2014-07-30 19:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-11 15:31 - 2014-07-30 19:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-07 13:10 - 2014-07-20 21:00 - 00000000 ____D C:\Users\Pc\AppData\Roaming\vlc
2016-10-06 20:28 - 2016-07-31 08:52 - 00503152 _____ C:\Windows\ntbtlog.txt
2016-10-06 18:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 19:10 - 2016-09-02 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-03 19:10 - 2014-07-11 08:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 22:48 - 2016-03-22 04:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-27 22:48 - 2015-01-19 20:36 - 00000000 ____D C:\ProgramData\Skype
2016-09-24 13:57 - 2015-01-08 23:13 - 00000000 ____D C:\Users\Pc\AppData\Roaming\HandBrake
2016-09-20 20:29 - 2014-07-16 21:26 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-09-15 03:25 - 2010-11-21 09:17 - 00000000 ____D C:\Windows\ShellNew
2016-09-15 03:24 - 2014-08-10 17:40 - 00000000 ____D C:\Users\Pc\AppData\Roaming\SoftGrid Client
==================== Files in the root of some directories =======
2014-11-22 14:23 - 2014-12-17 19:35 - 0005120 _____ () C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 19:14 - 2015-02-26 19:14 - 0000292 _____ () C:\Users\Pc\AppData\Local\HamsterBookConverter.cfg
Some files in TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-05 18:58
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-10-2016
Ran by Pc (administrator) on PC-PC (14-10-2016 15:54:38)
Running from C:\Users\Pc\Desktop
Loaded Profiles: Pc (Available Profiles: Pc)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_185.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-10-13] (NVIDIA Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2091600439-2394510615-2102914365-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2091600439-2394510615-2102914365-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29645440 2016-09-12] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{305766B3-C17C-4590-AA62-12106D7E17F8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKLM -> {F55FDD56-CAF4-447F-ADDA-73474815FF48} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2091600439-2394510615-2102914365-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2091600439-2394510615-2102914365-1000 -> {F55FDD56-CAF4-447F-ADDA-73474815FF48} URL =
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-18] (Oracle Corporation)
BHO-x32: Pomocník pri prihlasovaní v sieti Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-18] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/SK/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default [2016-10-14]
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-07-04]
FF Extension: (Firefox Hotfix) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-10-13] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [5337184 2012-11-12] (Intel Corporation) [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236888 2016-08-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-21] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-21] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-10-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-10-13] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-14 15:54 - 2016-10-14 15:55 - 00014355 _____ C:\Users\Pc\Desktop\FRST.txt
2016-10-14 15:54 - 2016-10-14 15:54 - 00000000 ____D C:\FRST
2016-10-14 15:52 - 2016-10-14 15:52 - 02406912 _____ (Farbar) C:\Users\Pc\Desktop\FRST64.exe
2016-10-13 19:55 - 2016-10-13 19:55 - 00249141 _____ C:\Users\Pc\Documents\Rozmery DOKAR2.pdf
2016-10-11 23:00 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 23:00 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 22:58 - 2016-09-30 22:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 22:58 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-11 22:58 - 2016-09-30 17:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:58 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-11 22:58 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-11 22:58 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 22:58 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 22:58 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 22:58 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 22:58 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 22:58 - 2016-09-30 08:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:58 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-11 22:58 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 22:58 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-11 22:58 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 22:58 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 22:58 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 22:58 - 2016-09-30 07:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:58 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 22:58 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 22:58 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-11 22:58 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-11 22:58 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 22:58 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-11 22:58 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-11 22:58 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-11 22:58 - 2016-09-15 17:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 22:58 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-11 22:58 - 2016-09-12 23:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 22:58 - 2016-09-12 23:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 22:58 - 2016-09-12 23:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 22:58 - 2016-09-12 23:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-11 22:58 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 22:58 - 2016-09-12 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-11 22:58 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 22:58 - 2016-09-12 22:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 22:58 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-11 22:58 - 2016-09-12 20:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 22:58 - 2016-09-12 20:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 22:58 - 2016-09-10 18:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:58 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 22:58 - 2016-09-09 20:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-11 22:58 - 2016-09-09 20:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-11 22:58 - 2016-09-09 20:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 22:58 - 2016-09-09 20:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 22:58 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-11 22:58 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 22:58 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 22:58 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 22:58 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 22:58 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 22:58 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 22:58 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 22:58 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-11 22:58 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-11 22:58 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-11 22:58 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 22:58 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-11 22:58 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-11 22:58 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:58 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-11 22:58 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-11 22:58 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 22:58 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-11 22:58 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 22:58 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 22:58 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-11 22:58 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-11 22:58 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 22:58 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 22:58 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 22:58 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-11 22:58 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-11 22:58 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 22:58 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 22:57 - 2016-09-30 08:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 08:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:57 - 2016-09-30 08:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 22:57 - 2016-09-30 08:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 22:57 - 2016-09-30 08:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 08:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 22:57 - 2016-09-30 08:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 22:57 - 2016-09-30 08:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 08:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57 - 2016-09-30 08:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 07:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-11 22:57 - 2016-09-30 07:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 22:57 - 2016-09-30 07:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 22:57 - 2016-09-30 07:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 07:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 07:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 22:57 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-11 22:57 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-11 22:57 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-11 22:57 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-11 22:57 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-11 22:57 - 2016-09-30 07:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 22:57 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-11 22:57 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-11 22:57 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-11 22:57 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-11 22:57 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-11 22:57 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-11 22:57 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-11 22:57 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-11 22:57 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-11 22:57 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-11 22:57 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-11 22:57 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-11 22:57 - 2016-09-15 17:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 22:57 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 22:57 - 2016-09-12 23:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-11 22:57 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-11 22:57 - 2016-09-12 22:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 22:57 - 2016-09-12 22:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 22:57 - 2016-09-12 22:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 22:57 - 2016-09-12 22:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 22:57 - 2016-09-12 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 22:57 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-11 22:57 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-11 22:57 - 2016-09-09 20:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57 - 2016-09-09 19:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 22:57 - 2016-09-09 19:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57 - 2016-09-09 19:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-11 22:57 - 2016-09-09 19:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 22:57 - 2016-09-09 19:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-11 22:57 - 2016-09-09 19:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-11 22:57 - 2016-09-09 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-11 22:57 - 2016-09-09 19:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57 - 2016-09-09 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-11 22:57 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-11 22:57 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 22:57 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 22:57 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-11 22:57 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-11 22:51 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 22:51 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 22:51 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 22:51 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 22:51 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 22:51 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-11 22:51 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 22:51 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-11 22:50 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 22:50 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-11 22:50 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-11 22:49 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 22:49 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-09 11:06 - 2016-10-09 11:06 - 00256620 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP BUR. PRACE 2 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00256406 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP BUR. PRACE 1 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00239014 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP NOVY STAV 2 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00180242 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PP NOVY STAV 1 STAVEBNE UPRAVY.pdf
2016-10-09 11:06 - 2016-10-09 11:06 - 00065225 _____ C:\Users\Pc\Downloads\KRAMÁRE BYTY 1.PPREZ A-A STAVEBNE UPRAVY.pdf
2016-10-09 10:58 - 2016-10-09 10:58 - 00073196 _____ C:\Users\Pc\Downloads\10 - Stavebné úpravy pre výstavbu pošta slepák.xlsx
2016-10-08 10:33 - 2016-10-08 10:33 - 00673455 _____ C:\Users\Pc\Documents\IMG_20161008_0004.pdf
2016-10-08 10:31 - 2016-10-08 10:31 - 00644633 _____ C:\Users\Pc\Documents\IMG_20161008_0003.pdf
2016-10-08 10:29 - 2016-10-08 10:29 - 00634792 _____ C:\Users\Pc\Documents\IMG_20161008_0002.pdf
2016-10-08 10:26 - 2016-10-08 10:26 - 00645620 _____ C:\Users\Pc\Documents\IMG_20161008_0001.pdf
2016-10-07 13:33 - 2016-10-07 13:33 - 00227831 _____ C:\Users\Pc\Documents\Diplom Husarik.pdf
2016-10-04 19:49 - 2016-10-04 19:49 - 00020670 _____ C:\Users\Pc\Downloads\Modus-S01E08(0000265714).srt
2016-10-04 19:47 - 2016-10-04 19:47 - 00021409 _____ C:\Users\Pc\Downloads\Modus-S01E06(0000265507).srt
2016-10-03 19:36 - 2016-10-03 19:36 - 00024321 _____ C:\Users\Pc\Downloads\Modus-S01E05(0000265449).srt
2016-10-03 19:35 - 2016-10-03 19:35 - 00024324 _____ C:\Users\Pc\Downloads\Modus-S01E05(0000265905).srt
2016-10-03 19:34 - 2016-10-03 19:34 - 00025855 _____ C:\Users\Pc\Downloads\Modus-S01E04(0000265337).srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00026162 _____ C:\Users\Pc\Downloads\Modus-S01E02(0000263409).srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00026160 _____ C:\Users\Pc\Downloads\Modus.S01E02.720p.HDTV.x265.srt
2016-10-03 19:33 - 2016-10-03 19:33 - 00023585 _____ C:\Users\Pc\Downloads\Modus-S01E03(0000264119).srt
2016-10-03 19:32 - 2016-10-03 19:32 - 00025585 _____ C:\Users\Pc\Downloads\Modus.S01E01.720p.HDTV.x265.srt
2016-10-03 19:31 - 2016-10-03 19:31 - 00025587 _____ C:\Users\Pc\Downloads\Modus-S01E01(0000263091).srt
2016-09-26 19:28 - 2016-09-26 19:28 - 00221627 _____ C:\Users\Pc\Downloads\StM-216146 H2H Malacky, RD Dokar2.pdf
2016-09-25 11:59 - 2016-09-25 11:59 - 00035840 _____ C:\Users\Pc\Downloads\Rozpočet Rekreačno oddychový areál Holič Ľuboš.xls
2016-09-24 14:04 - 2016-09-24 14:04 - 00013420 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e03.the.fuzzy.boots.corollary.(2007).eng.1cd.(5734894).zip
2016-09-24 14:01 - 2016-09-24 14:01 - 00013663 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e02.the.big.bran.hypothesis.(2007).eng.1cd.(5724694).zip
2016-09-24 14:00 - 2016-09-24 14:00 - 00013179 _____ C:\Users\Pc\Downloads\the.big.bang.theory.s01.e01.pilot.(2007).eng.1cd.(6422696).zip
2016-09-22 21:04 - 2016-09-22 21:04 - 00037363 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E09(0000262949).srt
2016-09-22 20:58 - 2016-09-22 20:58 - 00028910 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E10(0000263224).srt
2016-09-22 20:45 - 2016-09-22 20:45 - 00039322 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E08(0000262419).srt
2016-09-22 20:43 - 2016-09-22 20:43 - 00038240 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E07(0000262092).srt
2016-09-22 20:39 - 2016-09-22 20:39 - 00042666 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E06(0000261770).srt
2016-09-22 18:10 - 2016-09-22 18:11 - 00040272 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E05(0000261367).srt
2016-09-22 18:06 - 2016-09-22 18:06 - 00038351 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E04(0000261065).srt
2016-09-21 21:11 - 2016-09-21 21:11 - 00035436 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E03(0000260674).srt
2016-09-21 21:05 - 2016-09-21 21:05 - 00038281 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E02(0000260455).srt
2016-09-21 21:02 - 2016-09-21 21:02 - 00038191 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E02(0000260308).srt
2016-09-21 15:08 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 15:08 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 22:06 - 2016-09-20 22:06 - 00035424 _____ C:\Users\Pc\Downloads\Bron-Broen-S03E01(0000259988).srt
2016-09-15 00:53 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-15 00:53 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-15 00:53 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-15 00:52 - 2016-05-14 00:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-09-15 00:52 - 2016-05-14 00:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-09-15 00:52 - 2016-05-14 00:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-09-15 00:52 - 2016-05-14 00:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-09-15 00:52 - 2016-05-13 23:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-15 00:52 - 2016-05-13 23:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-09-15 00:52 - 2016-05-13 23:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-09-15 00:52 - 2016-05-13 23:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-15 00:52 - 2016-05-13 23:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-15 00:52 - 2016-05-13 23:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-09-15 00:52 - 2016-05-13 23:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-09-15 00:52 - 2016-05-13 23:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-09-15 00:52 - 2016-05-13 23:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-09-15 00:52 - 2016-05-13 23:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-09-15 00:52 - 2016-05-12 19:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-09-15 00:52 - 2016-05-12 17:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-15 00:52 - 2016-05-12 17:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-09-15 00:52 - 2016-05-04 19:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-09-15 00:52 - 2016-05-04 19:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-09-15 00:52 - 2016-05-04 19:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-09-15 00:52 - 2016-05-04 19:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-09-15 00:52 - 2016-05-04 17:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-09-15 00:52 - 2016-05-04 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-09-15 00:51 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-15 00:51 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-15 00:51 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-15 00:51 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-15 00:51 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-15 00:51 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-15 00:51 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-15 00:51 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-10-14 15:44 - 2014-07-09 18:26 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-14 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-14 15:42 - 2009-07-14 06:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-14 15:31 - 2015-01-19 20:23 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Skype
2016-10-14 03:11 - 2014-10-15 20:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-13 19:58 - 2016-03-19 19:56 - 00000000 ____D C:\Users\Pc\AppData\Roaming\FileAdvisor
2016-10-13 18:57 - 2009-07-14 07:13 - 00782744 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-13 18:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-13 09:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 07:27 - 2014-10-17 13:00 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-12 07:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-12 07:27 - 2009-07-14 06:45 - 00433200 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 07:26 - 2014-08-11 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 07:26 - 2014-08-11 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 07:23 - 2014-12-11 04:21 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 07:23 - 2014-07-11 22:45 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 07:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 07:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 07:03 - 2014-07-11 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 06:58 - 2014-07-11 20:25 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 06:56 - 2014-08-11 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 15:32 - 2014-07-30 19:46 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 15:31 - 2014-07-30 19:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 15:31 - 2014-07-30 19:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 15:31 - 2014-07-30 19:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-11 15:31 - 2014-07-30 19:46 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-07 13:10 - 2014-07-20 21:00 - 00000000 ____D C:\Users\Pc\AppData\Roaming\vlc
2016-10-06 20:28 - 2016-07-31 08:52 - 00503152 _____ C:\Windows\ntbtlog.txt
2016-10-06 18:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 19:10 - 2016-09-02 13:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-03 19:10 - 2014-07-11 08:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-27 22:48 - 2016-03-22 04:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-27 22:48 - 2015-01-19 20:36 - 00000000 ____D C:\ProgramData\Skype
2016-09-24 13:57 - 2015-01-08 23:13 - 00000000 ____D C:\Users\Pc\AppData\Roaming\HandBrake
2016-09-20 20:29 - 2014-07-16 21:26 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-09-15 03:25 - 2010-11-21 09:17 - 00000000 ____D C:\Windows\ShellNew
2016-09-15 03:24 - 2014-08-10 17:40 - 00000000 ____D C:\Users\Pc\AppData\Roaming\SoftGrid Client
==================== Files in the root of some directories =======
2014-11-22 14:23 - 2014-12-17 19:35 - 0005120 _____ () C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-26 19:14 - 2015-02-26 19:14 - 0000292 _____ () C:\Users\Pc\AppData\Local\HamsterBookConverter.cfg
Some files in TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-05 18:58
==================== End of FRST.txt ============================
Re: spomalene pc...
Zdravím, smaž nepotřebné soubory
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
pomocí CCleaneru
návod :
Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)
čištění registru je třeba několikrát zopakovat !
Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém
Stáhni a spusť AdwCleaner,
ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,
objeví se okno kde vlevo nahoře klikni na Scan.
Po dokončení skenu klikni na Clean,
proběhne restart PC kdy dojde ke smazání nepořádku.
Po té mi sem zkopíruj Report.
Stáhni a ulož na plochu ComboFix,
spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.
V případě nejasností je ZDE obrázkový návod.
Re: spomalene pc...
AdwCleaner v6.021 - *Logfile created 15/10/2016 *at 08:45:37
# *Updated on 06/10/2016 by ToolsLib
# *Database : 2016-10-14.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : Pc - PC-PC
# *Running from : C:\Users\Pc\Downloads\adwcleaner_6.021.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum
***** [ *Services ] *****
***** [ *Folders ] *****
[-] *Folder deleted: C:\Users\Pc\AppData\Roaming\AdvertismentImages
***** [ *Files ] *****
[-] *File deleted: C:\Windows\SysNative\rlls64.dll
[-] *File deleted: C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] *File deleted: C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSU.Registry
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSU.SysUtils
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSU.Registry
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] *Key deleted: HKLM\SOFTWARE\SPPDCOM
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1716 *Bytes] - [15/10/2016 08:45:37]
C:\AdwCleaner\AdwCleaner[R1].txt - [810 *Bytes] - [29/09/2014 17:32:31]
C:\AdwCleaner\AdwCleaner[R2].txt - [2608 *Bytes] - [06/01/2015 01:17:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [870 *Bytes] - [29/09/2014 17:33:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [2711 *Bytes] - [06/01/2015 01:20:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [2229 *Bytes] - [14/10/2016 21:50:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2158 *Bytes] ##########
ComboFix 16-10-17.01 - Pc . 10. 2016 9:12.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4040.2195 [GMT 2:00]
Running from: c:\users\Pc\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-09-22 to 2016-10-22 )))))))))))))))))))))))))))))))
.
.
2016-10-22 07:17 . 2016-10-22 07:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-22 07:15 . 2016-10-22 07:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\offreg.5704.dll
2016-10-21 18:02 . 2016-10-06 21:42 12033040 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\mpengine.dll
2016-10-15 17:13 . 2016-10-15 17:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-10-15 17:10 . 2016-10-15 17:14 -------- d-----w- c:\users\Pc\AppData\Roaming\Seznam.cz
2016-10-14 13:54 . 2016-10-14 13:57 -------- d-----w- C:\FRST
2016-10-11 21:00 . 2016-08-16 21:03 24576 ----a-w- c:\windows\system32\drivers\en-US\usbport.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 11776 ----a-w- c:\windows\system32\drivers\en-US\usbhub.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 3072 ----a-w- c:\windows\system32\drivers\en-US\usbehci.sys.mui
2016-10-11 21:00 . 2016-08-16 20:40 343552 ----a-w- c:\windows\system32\drivers\usbhub.sys
2016-10-11 21:00 . 2016-08-16 20:40 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2016-10-11 21:00 . 2016-08-16 20:40 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2016-10-11 21:00 . 2016-08-16 20:40 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2016-10-11 21:00 . 2016-08-16 20:40 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2016-10-11 21:00 . 2016-08-16 20:40 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2016-10-11 21:00 . 2016-08-16 20:40 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-10-11 20:57 . 2016-09-30 05:50 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2016-10-11 20:51 . 2016-09-12 21:17 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-10-11 20:50 . 2016-08-29 15:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-10-11 20:50 . 2016-08-29 15:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-10-11 20:50 . 2016-08-29 15:12 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-10-11 20:49 . 2016-07-22 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-10-11 20:49 . 2016-07-22 14:51 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-09-27 20:48 . 2016-09-27 20:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-12 04:58 . 2014-07-11 18:25 143495576 -c--a-w- c:\windows\system32\MRT.exe
2016-10-11 13:31 . 2014-07-30 17:46 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-10-11 13:31 . 2014-07-30 17:46 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-09-30 05:35 . 2016-10-11 20:57 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-09-30 05:07 . 2016-10-11 20:57 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-09-12 21:08 . 2016-10-11 20:57 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-11 20:57 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-12 20:49 . 2016-10-11 20:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-10-11 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-21 13:23 . 2015-12-03 09:10 110424 ----a-w- c:\windows\system32\drivers\klwtp.sys
2016-08-21 13:23 . 2016-08-08 10:17 1001304 ----a-w- c:\windows\system32\drivers\klif.sys
2016-08-21 13:18 . 2016-05-05 01:43 236888 ----a-w- c:\windows\system32\drivers\klhk.sys
2016-08-16 17:36 . 2016-09-14 22:51 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-14 22:51 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-08-12 16:46 . 2016-10-11 20:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:26 . 2016-09-14 22:53 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:26 . 2016-09-14 22:53 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:26 . 2016-09-14 22:53 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-06 15:31 . 2016-09-14 22:51 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-08-06 15:15 . 2016-09-14 22:51 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-08-05 15:30 . 2016-09-21 13:08 2048 ----a-w- c:\windows\system32\tzres.dll
2016-08-05 15:13 . 2016-09-21 13:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-07-26 12:24 . 2010-11-21 03:27 504488 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-09-12 29645440]
"cz.seznam.software.autoupdate"="c:\users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-10-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-30 13:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-10-29 6843024]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-13 2585744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-10-22 09:19:55
ComboFix-quarantined-files.txt 2016-10-22 07:19
.
Pre-Run: 177 623 646 208 bytes free
Post-Run: 176 999 981 056 bytes free
.
- - End Of File - - 354FF489E290C753DBF17B43711C7CD9
5C616939100B85E558DA92B899A0FC36
# *Updated on 06/10/2016 by ToolsLib
# *Database : 2016-10-14.1 [*Server]
# *Operating System : Windows 7 Professional Service Pack 1 (X64)
# *Username : Pc - PC-PC
# *Running from : C:\Users\Pc\Downloads\adwcleaner_6.021.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum
***** [ *Services ] *****
***** [ *Folders ] *****
[-] *Folder deleted: C:\Users\Pc\AppData\Roaming\AdvertismentImages
***** [ *Files ] *****
[-] *File deleted: C:\Windows\SysNative\rlls64.dll
[-] *File deleted: C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
[-] *File deleted: C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSU.Registry
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSU.SysUtils
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSU.Registry
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSU.SysUtils
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] *Key deleted: HKLM\SOFTWARE\SPPDCOM
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1716 *Bytes] - [15/10/2016 08:45:37]
C:\AdwCleaner\AdwCleaner[R1].txt - [810 *Bytes] - [29/09/2014 17:32:31]
C:\AdwCleaner\AdwCleaner[R2].txt - [2608 *Bytes] - [06/01/2015 01:17:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [870 *Bytes] - [29/09/2014 17:33:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [2711 *Bytes] - [06/01/2015 01:20:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [2229 *Bytes] - [14/10/2016 21:50:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2158 *Bytes] ##########
ComboFix 16-10-17.01 - Pc . 10. 2016 9:12.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4040.2195 [GMT 2:00]
Running from: c:\users\Pc\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-09-22 to 2016-10-22 )))))))))))))))))))))))))))))))
.
.
2016-10-22 07:17 . 2016-10-22 07:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-22 07:15 . 2016-10-22 07:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\offreg.5704.dll
2016-10-21 18:02 . 2016-10-06 21:42 12033040 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\mpengine.dll
2016-10-15 17:13 . 2016-10-15 17:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-10-15 17:10 . 2016-10-15 17:14 -------- d-----w- c:\users\Pc\AppData\Roaming\Seznam.cz
2016-10-14 13:54 . 2016-10-14 13:57 -------- d-----w- C:\FRST
2016-10-11 21:00 . 2016-08-16 21:03 24576 ----a-w- c:\windows\system32\drivers\en-US\usbport.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 11776 ----a-w- c:\windows\system32\drivers\en-US\usbhub.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 3072 ----a-w- c:\windows\system32\drivers\en-US\usbehci.sys.mui
2016-10-11 21:00 . 2016-08-16 20:40 343552 ----a-w- c:\windows\system32\drivers\usbhub.sys
2016-10-11 21:00 . 2016-08-16 20:40 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2016-10-11 21:00 . 2016-08-16 20:40 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2016-10-11 21:00 . 2016-08-16 20:40 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2016-10-11 21:00 . 2016-08-16 20:40 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2016-10-11 21:00 . 2016-08-16 20:40 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2016-10-11 21:00 . 2016-08-16 20:40 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-10-11 20:57 . 2016-09-30 05:50 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2016-10-11 20:51 . 2016-09-12 21:17 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-10-11 20:50 . 2016-08-29 15:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-10-11 20:50 . 2016-08-29 15:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-10-11 20:50 . 2016-08-29 15:12 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-10-11 20:49 . 2016-07-22 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-10-11 20:49 . 2016-07-22 14:51 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-09-27 20:48 . 2016-09-27 20:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-12 04:58 . 2014-07-11 18:25 143495576 -c--a-w- c:\windows\system32\MRT.exe
2016-10-11 13:31 . 2014-07-30 17:46 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-10-11 13:31 . 2014-07-30 17:46 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-09-30 05:35 . 2016-10-11 20:57 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-09-30 05:07 . 2016-10-11 20:57 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-09-12 21:08 . 2016-10-11 20:57 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-11 20:57 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-12 20:49 . 2016-10-11 20:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-10-11 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-21 13:23 . 2015-12-03 09:10 110424 ----a-w- c:\windows\system32\drivers\klwtp.sys
2016-08-21 13:23 . 2016-08-08 10:17 1001304 ----a-w- c:\windows\system32\drivers\klif.sys
2016-08-21 13:18 . 2016-05-05 01:43 236888 ----a-w- c:\windows\system32\drivers\klhk.sys
2016-08-16 17:36 . 2016-09-14 22:51 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-14 22:51 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-08-12 16:46 . 2016-10-11 20:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:26 . 2016-09-14 22:53 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:26 . 2016-09-14 22:53 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:26 . 2016-09-14 22:53 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-06 15:31 . 2016-09-14 22:51 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-08-06 15:15 . 2016-09-14 22:51 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-08-05 15:30 . 2016-09-21 13:08 2048 ----a-w- c:\windows\system32\tzres.dll
2016-08-05 15:13 . 2016-09-21 13:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-07-26 12:24 . 2010-11-21 03:27 504488 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-09-12 29645440]
"cz.seznam.software.autoupdate"="c:\users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-10-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-30 13:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-10-29 6843024]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-13 2585744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-10-22 09:19:55
ComboFix-quarantined-files.txt 2016-10-22 07:19
.
Pre-Run: 177 623 646 208 bytes free
Post-Run: 176 999 981 056 bytes free
.
- - End Of File - - 354FF489E290C753DBF17B43711C7CD9
5C616939100B85E558DA92B899A0FC36
Re: spomalene pc...
Odinstaluj vše od Seznam.cz.
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Pokud jsi tak ještě neučinil, přesuň Combofix na plochu
otevři si Poznámkový blok
do něj zkopíruj skript z následujícího okna:
Kód: Vybrat vše
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,
v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci
Re: spomalene pc...
ComboFix 16-10-23.01 - Pc . 10. 2016 16:53:22.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4040.2668 [GMT 2:00]
Running from: c:\users\Pc\Desktop\ComboFix.exe
Command switches used :: c:\users\Pc\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-09-24 to 2016-10-24 )))))))))))))))))))))))))))))))
.
.
2016-10-24 14:58 . 2016-10-24 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-22 14:43 . 2016-10-22 14:43 -------- d-----w- c:\users\Pc\AppData\Roaming\JAM Software
2016-10-22 14:42 . 2016-10-22 14:42 -------- d-----w- c:\program files (x86)\JAM Software
2016-10-22 07:15 . 2016-10-22 07:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\offreg.5704.dll
2016-10-21 18:02 . 2016-10-06 21:42 12033040 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\mpengine.dll
2016-10-15 17:13 . 2016-10-15 17:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-10-15 17:10 . 2016-10-15 17:14 -------- d-----w- c:\users\Pc\AppData\Roaming\Seznam.cz
2016-10-14 13:54 . 2016-10-14 13:57 -------- d-----w- C:\FRST
2016-10-11 21:00 . 2016-08-16 21:03 24576 ----a-w- c:\windows\system32\drivers\en-US\usbport.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 11776 ----a-w- c:\windows\system32\drivers\en-US\usbhub.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 3072 ----a-w- c:\windows\system32\drivers\en-US\usbehci.sys.mui
2016-10-11 21:00 . 2016-08-16 20:40 343552 ----a-w- c:\windows\system32\drivers\usbhub.sys
2016-10-11 21:00 . 2016-08-16 20:40 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2016-10-11 21:00 . 2016-08-16 20:40 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2016-10-11 21:00 . 2016-08-16 20:40 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2016-10-11 21:00 . 2016-08-16 20:40 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2016-10-11 21:00 . 2016-08-16 20:40 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2016-10-11 21:00 . 2016-08-16 20:40 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-10-11 20:57 . 2016-09-30 05:50 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2016-10-11 20:51 . 2016-09-12 21:17 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-10-11 20:50 . 2016-08-29 15:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-10-11 20:50 . 2016-08-29 15:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-10-11 20:50 . 2016-08-29 15:12 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-10-11 20:49 . 2016-07-22 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-10-11 20:49 . 2016-07-22 14:51 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-09-27 20:48 . 2016-09-27 20:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-12 04:58 . 2014-07-11 18:25 143495576 -c--a-w- c:\windows\system32\MRT.exe
2016-10-11 13:31 . 2014-07-30 17:46 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-10-11 13:31 . 2014-07-30 17:46 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-09-30 05:35 . 2016-10-11 20:57 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-09-30 05:07 . 2016-10-11 20:57 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-09-12 21:08 . 2016-10-11 20:57 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-11 20:57 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-12 20:49 . 2016-10-11 20:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-10-11 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-21 13:23 . 2015-12-03 09:10 110424 ----a-w- c:\windows\system32\drivers\klwtp.sys
2016-08-21 13:23 . 2016-08-08 10:17 1001304 ----a-w- c:\windows\system32\drivers\klif.sys
2016-08-21 13:18 . 2016-05-05 01:43 236888 ----a-w- c:\windows\system32\drivers\klhk.sys
2016-08-16 17:36 . 2016-09-14 22:51 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-14 22:51 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-08-12 16:46 . 2016-10-11 20:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:26 . 2016-09-14 22:53 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:26 . 2016-09-14 22:53 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:26 . 2016-09-14 22:53 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-06 15:31 . 2016-09-14 22:51 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-08-06 15:15 . 2016-09-14 22:51 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-08-05 15:30 . 2016-09-21 13:08 2048 ----a-w- c:\windows\system32\tzres.dll
2016-08-05 15:13 . 2016-09-21 13:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-09-12 29645440]
"cz.seznam.software.autoupdate"="c:\users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-30 13:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-10-29 6843024]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-13 2585744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
Completion time: 2016-10-24 17:00:50
ComboFix-quarantined-files.txt 2016-10-24 15:00
ComboFix2.txt 2016-10-22 07:19
.
Pre-Run: 183 434 321 920 bytes free
Post-Run: 183 355 297 792 bytes free
.
- - End Of File - - 9B19201AA3608149AD03522F5A8632D1
5C616939100B85E558DA92B899A0FC36
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1051.18.4040.2668 [GMT 2:00]
Running from: c:\users\Pc\Desktop\ComboFix.exe
Command switches used :: c:\users\Pc\Desktop\CFScript.txt
AV: Kaspersky Anti-Virus *Disabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
SP: Kaspersky Anti-Virus *Disabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-09-24 to 2016-10-24 )))))))))))))))))))))))))))))))
.
.
2016-10-24 14:58 . 2016-10-24 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-10-22 14:43 . 2016-10-22 14:43 -------- d-----w- c:\users\Pc\AppData\Roaming\JAM Software
2016-10-22 14:42 . 2016-10-22 14:42 -------- d-----w- c:\program files (x86)\JAM Software
2016-10-22 07:15 . 2016-10-22 07:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\offreg.5704.dll
2016-10-21 18:02 . 2016-10-06 21:42 12033040 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7371A382-408E-4500-8026-819A4196F22F}\mpengine.dll
2016-10-15 17:13 . 2016-10-15 17:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2016-10-15 17:10 . 2016-10-15 17:14 -------- d-----w- c:\users\Pc\AppData\Roaming\Seznam.cz
2016-10-14 13:54 . 2016-10-14 13:57 -------- d-----w- C:\FRST
2016-10-11 21:00 . 2016-08-16 21:03 24576 ----a-w- c:\windows\system32\drivers\en-US\usbport.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 11776 ----a-w- c:\windows\system32\drivers\en-US\usbhub.sys.mui
2016-10-11 21:00 . 2016-08-16 21:03 3072 ----a-w- c:\windows\system32\drivers\en-US\usbehci.sys.mui
2016-10-11 21:00 . 2016-08-16 20:40 343552 ----a-w- c:\windows\system32\drivers\usbhub.sys
2016-10-11 21:00 . 2016-08-16 20:40 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2016-10-11 21:00 . 2016-08-16 20:40 56320 ----a-w- c:\windows\system32\drivers\usbehci.sys
2016-10-11 21:00 . 2016-08-16 20:40 327168 ----a-w- c:\windows\system32\drivers\usbport.sys
2016-10-11 21:00 . 2016-08-16 20:40 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2016-10-11 21:00 . 2016-08-16 20:40 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2016-10-11 21:00 . 2016-08-16 20:40 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2016-10-11 20:57 . 2016-09-30 05:50 1018368 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2016-10-11 20:51 . 2016-09-12 21:17 77032 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-10-11 20:50 . 2016-08-29 15:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-10-11 20:50 . 2016-08-29 15:12 1499648 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-10-11 20:50 . 2016-08-29 15:12 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-10-11 20:49 . 2016-07-22 14:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-10-11 20:49 . 2016-07-22 14:51 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-09-27 20:48 . 2016-09-27 20:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-10-12 04:58 . 2014-07-11 18:25 143495576 -c--a-w- c:\windows\system32\MRT.exe
2016-10-11 13:31 . 2014-07-30 17:46 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-10-11 13:31 . 2014-07-30 17:46 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-09-30 05:35 . 2016-10-11 20:57 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-09-30 05:07 . 2016-10-11 20:57 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-09-12 21:08 . 2016-10-11 20:57 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-12 20:49 . 2016-10-11 20:57 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-12 20:49 . 2016-10-11 20:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-09 17:59 . 2016-10-11 20:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-21 13:23 . 2015-12-03 09:10 110424 ----a-w- c:\windows\system32\drivers\klwtp.sys
2016-08-21 13:23 . 2016-08-08 10:17 1001304 ----a-w- c:\windows\system32\drivers\klif.sys
2016-08-21 13:18 . 2016-05-05 01:43 236888 ----a-w- c:\windows\system32\drivers\klhk.sys
2016-08-16 17:36 . 2016-09-14 22:51 1009152 ----a-w- c:\windows\system32\user32.dll
2016-08-16 02:48 . 2016-09-14 22:51 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-08-12 16:46 . 2016-10-11 20:57 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-12 16:26 . 2016-09-14 22:53 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-12 16:26 . 2016-09-14 22:53 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-12 16:26 . 2016-09-14 22:53 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-06 15:31 . 2016-09-14 22:51 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-08-06 15:15 . 2016-09-14 22:51 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-08-05 15:30 . 2016-09-21 13:08 2048 ----a-w- c:\windows\system32\tzres.dll
2016-08-05 15:13 . 2016-09-21 13:08 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-12-12 7394584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-09-12 29645440]
"cz.seznam.software.autoupdate"="c:\users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 klvssbrigde64;klvssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-30 13:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-10-29 6843024]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-13 2585744]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
Completion time: 2016-10-24 17:00:50
ComboFix-quarantined-files.txt 2016-10-24 15:00
ComboFix2.txt 2016-10-22 07:19
.
Pre-Run: 183 434 321 920 bytes free
Post-Run: 183 355 297 792 bytes free
.
- - End Of File - - 9B19201AA3608149AD03522F5A8632D1
5C616939100B85E558DA92B899A0FC36
Re: spomalene pc...
Přes Start >> Spustit zkopíruj do okna:
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Pak dej vědět jak se PC chová.
ComboFix /Uninstall
a stiskni Enter
To odinstaluje ComboFix a smaže s ním související soubory a složky.
Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.
Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.
Pak dej vědět jak se PC chová.
Re: spomalene pc...
Je to podstatne lepsie!!! Dik!
Este nejaky tip, alebo myslis ze zatial staci?
Este nejaky tip, alebo myslis ze zatial staci?
Re: spomalene pc...
Jak je libo..
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pc at 2016-10-27 17:48:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 184 GB (39%) free of 477 GB
Total RAM: 4040 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:15, on 27. 10. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
C:\Program Files\trend micro\Pc.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/SK/Core/ ... _Win32.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9073 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe" -r
C:\Windows\System32\svchost.exe -k utcsvc
"taskhost.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe" -hidden
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 977601f2-9db5-4eae-9ca8-454912399d56 1
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
\??\C:\Windows\system32\conhost.exe "1924852779119003523718220090592025285517160817655-7571559751044612798-36952962
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1974319855-109932188-18307331361003274208-1020063366-10083863679711264-1936312040
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Windows\explorer.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="7500.0.731456490\1484129527" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 7500 "\\.\pipe\gecko-crash-server-pipe.7500" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe" --proxy-stub-channel=Flash3104.67286DB8.18455 --host-broker-channel=Flash3104.67286DB8.26319 --host-pid=3104 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe" --channel=5232.0087F870.833544932 --proxy-stub-channel=Flash3104.67286DB8.18455 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll" --host-npapi-version=29 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe80_ Global\UsGthrCtrlFltPipeMssGthrPipe80 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Pc\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\extensions\
2020Player_IKEA@2020Technologies.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22 969696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22 749024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-18 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22 969696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22 749024]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-10-29 6843024]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-13 2585744]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-09-12 29645440]
"cz.seznam.software.autoupdate"=C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-12 441344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-10-27 17:48:07 ----D---- C:\Program Files\trend micro
2016-10-27 17:48:06 ----D---- C:\rsit
2016-10-22 16:43:13 ----D---- C:\Users\Pc\AppData\Roaming\JAM Software
2016-10-22 16:42:36 ----D---- C:\Program Files (x86)\JAM Software
2016-10-21 07:22:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-15 19:13:57 ----D---- C:\Program Files (x86)\Seznam.cz
2016-10-15 19:10:04 ----D---- C:\Users\Pc\AppData\Roaming\Seznam.cz
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 22:58:56 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 22:58:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-11 22:58:49 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 22:58:48 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 22:58:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-11 22:58:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-11 22:58:44 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 22:58:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-11 22:58:43 ----A---- C:\Windows\system32\mf.dll
2016-10-11 22:58:42 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-11 22:58:42 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 22:58:41 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 22:58:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-11 22:58:40 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 22:58:40 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 22:58:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:58:38 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-11 22:58:38 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 22:58:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-11 22:58:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 22:58:36 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-11 22:58:36 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-11 22:58:36 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:58:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 22:58:35 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 22:58:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-11 22:58:34 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 22:58:34 ----A---- C:\Windows\system32\evr.dll
2016-10-11 22:58:34 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:58:32 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 22:58:31 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:58:31 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 22:58:31 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 22:58:30 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 22:58:30 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-11 22:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 22:58:29 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 22:58:28 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 22:58:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 22:58:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 22:58:26 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 22:58:26 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 22:58:26 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 22:58:25 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 22:58:24 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 22:58:24 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 22:58:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 22:58:23 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 22:58:22 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 22:58:22 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 22:58:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 22:58:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 22:58:20 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 22:58:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 22:58:19 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 22:58:19 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 22:58:19 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 22:58:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 22:58:18 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 22:58:17 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 22:58:16 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 22:58:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 22:58:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 22:58:14 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 22:58:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 22:58:12 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 22:58:11 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 22:58:11 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 22:58:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 22:58:10 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 22:58:09 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 22:58:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 22:58:08 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 22:58:07 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:58:07 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:58:07 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 22:58:07 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 22:58:06 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 22:58:04 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 22:58:03 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:58:00 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 22:58:00 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 22:57:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 22:57:59 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 22:57:56 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 22:57:56 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57:54 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 22:57:54 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 22:57:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 22:57:53 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57:51 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 22:57:50 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57:49 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 22:57:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\occache.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 22:57:47 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 22:57:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 22:57:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 22:57:44 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 22:57:44 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 22:57:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 22:57:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 22:57:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 22:57:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57:42 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 22:57:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 22:57:40 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 22:57:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 22:57:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 22:57:37 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 22:57:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 22:57:36 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 22:57:36 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 22:57:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 22:57:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 22:57:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 22:57:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 22:57:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 22:57:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 22:57:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 22:57:31 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 22:57:27 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 22:57:27 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 22:57:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 22:57:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 22:57:26 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 22:57:26 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 22:57:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 22:57:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 22:57:25 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 22:57:25 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 22:57:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 22:57:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 22:57:24 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 22:57:24 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 22:57:23 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 22:57:23 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 22:57:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 22:57:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 22:57:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 22:57:22 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 22:57:20 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 22:57:19 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 22:57:18 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 22:57:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 22:57:18 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 22:57:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 22:57:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 22:57:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 22:57:13 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 22:57:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 22:57:07 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 22:57:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 22:57:05 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 22:57:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 22:51:13 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\centel.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 22:51:04 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 22:51:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 22:51:01 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 22:51:01 ----A---- C:\Windows\explorer.exe
2016-10-11 22:51:00 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 22:50:59 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 22:50:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 22:50:59 ----A---- C:\Windows\system32\authui.dll
2016-10-11 22:49:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 22:49:51 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2016-10-27 17:48:07 ----RD---- C:\Program Files
2016-10-27 17:48:05 ----D---- C:\Windows\Temp
2016-10-27 17:46:10 ----D---- C:\ProgramData\Kaspersky Lab
2016-10-27 17:44:39 ----D---- C:\Windows\system32\config
2016-10-27 17:41:51 ----D---- C:\Windows\Prefetch
2016-10-27 17:39:03 ----D---- C:\Windows\SysWOW64
2016-10-27 17:38:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-27 17:38:43 ----D---- C:\Windows\system32\Macromed
2016-10-27 17:38:34 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-26 21:34:23 ----D---- C:\Windows
2016-10-26 21:32:42 ----SHD---- C:\System Volume Information
2016-10-26 21:30:18 ----D---- C:\Users\Pc\AppData\Roaming\FileAdvisor
2016-10-24 16:58:40 ----A---- C:\Windows\system.ini
2016-10-24 16:56:55 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-24 16:56:55 ----D---- C:\Windows\AppPatch
2016-10-24 16:56:54 ----D---- C:\Program Files (x86)\Common Files
2016-10-24 16:52:33 ----D---- C:\Windows\system32\catroot2
2016-10-23 20:36:12 ----D---- C:\Windows\System32
2016-10-23 20:36:12 ----D---- C:\Windows\inf
2016-10-23 20:36:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-22 16:42:36 ----RD---- C:\Program Files (x86)
2016-10-22 15:48:34 ----D---- C:\Windows\system32\NDF
2016-10-22 10:09:39 ----D---- C:\Users\Pc\AppData\Roaming\vlc
2016-10-22 09:15:05 ----D---- C:\ProgramData\TEMP
2016-10-22 09:09:14 ----D---- C:\Windows\system32\drivers
2016-10-21 15:48:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-19 21:32:41 ----D---- C:\Users\Pc\AppData\Roaming\Skype
2016-10-19 19:41:54 ----D---- C:\Users\Pc\AppData\Roaming\SoftGrid Client
2016-10-15 19:19:52 ----D---- C:\audiograbber
2016-10-15 08:50:44 ----A---- C:\Windows\SYSWOW64\log.txt
2016-10-15 08:46:46 ----D---- C:\ProgramData\NVIDIA
2016-10-14 21:24:46 ----D---- C:\Windows\debug
2016-10-13 09:25:16 ----D---- C:\Windows\rescache
2016-10-12 07:49:52 ----D---- C:\Windows\winsxs
2016-10-12 07:36:26 ----D---- C:\Windows\Microsoft.NET
2016-10-12 07:35:54 ----RSD---- C:\Windows\assembly
2016-10-12 07:26:47 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-12 07:26:47 ----D---- C:\Config.Msi
2016-10-12 07:26:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 07:23:41 ----D---- C:\Windows\SYSWOW64\bg-BG
2016-10-12 07:23:41 ----D---- C:\Program Files\Windows Media Player
2016-10-12 07:23:41 ----D---- C:\Program Files\Internet Explorer
2016-10-12 07:23:41 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 07:23:41 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\sl-SI
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\ro-RO
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\hr-HR
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\el-GR
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 07:23:39 ----D---- C:\Windows\system32\pl-PL
2016-10-12 07:23:39 ----D---- C:\Windows\system32\bg-BG
2016-10-12 07:23:38 ----D---- C:\Windows\system32\sl-SI
2016-10-12 07:23:38 ----D---- C:\Windows\system32\sk-SK
2016-10-12 07:23:38 ----D---- C:\Windows\system32\ru-RU
2016-10-12 07:23:38 ----D---- C:\Windows\system32\ro-RO
2016-10-12 07:23:38 ----D---- C:\Windows\system32\nl-NL
2016-10-12 07:23:38 ----D---- C:\Windows\system32\hu-HU
2016-10-12 07:23:38 ----D---- C:\Windows\system32\hr-HR
2016-10-12 07:23:38 ----D---- C:\Windows\system32\en-US
2016-10-12 07:23:38 ----D---- C:\Windows\system32\el-GR
2016-10-12 07:23:38 ----D---- C:\Windows\system32\Dism
2016-10-12 07:23:38 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 07:23:36 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 07:23:36 ----D---- C:\Windows\system32\drivers\en-US
2016-10-12 07:23:36 ----D---- C:\Windows\system32\Boot
2016-10-12 07:23:36 ----D---- C:\Windows\system32\appraiser
2016-10-12 07:23:35 ----D---- C:\Windows\sk-SK
2016-10-12 07:23:34 ----D---- C:\Windows\system32\DriverStore
2016-10-12 07:04:37 ----SHD---- C:\Windows\Installer
2016-10-12 07:04:22 ----D---- C:\ProgramData\Microsoft Help
2016-10-12 07:03:45 ----D---- C:\Windows\system32\MRT
2016-10-12 06:58:26 ----AC---- C:\Windows\system32\MRT.exe
2016-10-12 06:51:07 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-09-11 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-12-01 79240]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-08-21 236888]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-08-21 1001304]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-05-05 50776]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-12-07 45960]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2016-08-21 110424]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-12-03 194440]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-12-02 78200]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-10-31 4201104]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-12-11 182152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-10-13 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-12 5337184]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [2015-12-22 236928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-13 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-13 933168]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-13 416432]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pc at 2016-10-27 17:48:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 184 GB (39%) free of 477 GB
Total RAM: 4040 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:15, on 27. 10. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe
C:\Program Files\trend micro\Pc.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/SK/Core/ ... _Win32.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9073 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe" -r
C:\Windows\System32\svchost.exe -k utcsvc
"taskhost.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe" -hidden
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 977601f2-9db5-4eae-9ca8-454912399d56 1
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
\??\C:\Windows\system32\conhost.exe "1924852779119003523718220090592025285517160817655-7571559751044612798-36952962
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1974319855-109932188-18307331361003274208-1020063366-10083863679711264-1936312040
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
C:\Windows\explorer.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="7500.0.731456490\1484129527" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 7500 "\\.\pipe\gecko-crash-server-pipe.7500" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe" --proxy-stub-channel=Flash3104.67286DB8.18455 --host-broker-channel=Flash3104.67286DB8.26319 --host-pid=3104 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_205.exe" --channel=5232.0087F870.833544932 --proxy-stub-channel=Flash3104.67286DB8.18455 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll" --host-npapi-version=29 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe80_ Global\UsGthrCtrlFltPipeMssGthrPipe80 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Pc\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\2cek8mvi.default\extensions\
2020Player_IKEA@2020Technologies.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22 969696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22 749024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-18 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-18 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22 969696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22 749024]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-10-29 6843024]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-13 2585744]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-09-12 29645440]
"cz.seznam.software.autoupdate"=C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-12 441344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-10-27 17:48:07 ----D---- C:\Program Files\trend micro
2016-10-27 17:48:06 ----D---- C:\rsit
2016-10-22 16:43:13 ----D---- C:\Users\Pc\AppData\Roaming\JAM Software
2016-10-22 16:42:36 ----D---- C:\Program Files (x86)\JAM Software
2016-10-21 07:22:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-15 19:13:57 ----D---- C:\Program Files (x86)\Seznam.cz
2016-10-15 19:10:04 ----D---- C:\Users\Pc\AppData\Roaming\Seznam.cz
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 23:00:49 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-11 22:58:56 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 22:58:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-11 22:58:49 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 22:58:48 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 22:58:46 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-11 22:58:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-11 22:58:44 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 22:58:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-11 22:58:43 ----A---- C:\Windows\system32\mf.dll
2016-10-11 22:58:42 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-11 22:58:42 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 22:58:41 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 22:58:41 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 22:58:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-11 22:58:40 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-11 22:58:40 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 22:58:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 22:58:38 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-11 22:58:38 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 22:58:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-11 22:58:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 22:58:37 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 22:58:36 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-11 22:58:36 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-11 22:58:36 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 22:58:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 22:58:35 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 22:58:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-11 22:58:34 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-11 22:58:34 ----A---- C:\Windows\system32\evr.dll
2016-10-11 22:58:34 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-11 22:58:33 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 22:58:33 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 22:58:32 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 22:58:32 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 22:58:31 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 22:58:31 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 22:58:31 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 22:58:30 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-11 22:58:30 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-11 22:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 22:58:29 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-11 22:58:28 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 22:58:27 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-11 22:58:27 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 22:58:26 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-11 22:58:26 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-11 22:58:26 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 22:58:25 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 22:58:24 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-11 22:58:24 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 22:58:23 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-11 22:58:23 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 22:58:22 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-11 22:58:22 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 22:58:22 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 22:58:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-11 22:58:20 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-11 22:58:20 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 22:58:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-11 22:58:19 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 22:58:19 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 22:58:19 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 22:58:18 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-11 22:58:18 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 22:58:17 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-11 22:58:16 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-11 22:58:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 22:58:15 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 22:58:14 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-11 22:58:14 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 22:58:14 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 22:58:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-11 22:58:12 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-11 22:58:12 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 22:58:11 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-11 22:58:11 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 22:58:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-11 22:58:10 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 22:58:09 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 22:58:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 22:58:08 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 22:58:08 ----A---- C:\Windows\system32\certcli.dll
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-11 22:58:07 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-11 22:58:07 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 22:58:07 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 22:58:07 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 22:58:07 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 22:58:06 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-11 22:58:04 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-11 22:58:03 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 22:58:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 22:58:00 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 22:58:00 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 22:57:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-11 22:57:59 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 22:57:59 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 22:57:56 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 22:57:56 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 22:57:54 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-11 22:57:54 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 22:57:53 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-11 22:57:53 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 22:57:52 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 22:57:51 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 22:57:50 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 22:57:49 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-11 22:57:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\occache.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 22:57:48 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 22:57:47 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-11 22:57:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-11 22:57:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-11 22:57:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-11 22:57:44 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 22:57:44 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 22:57:43 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-11 22:57:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-11 22:57:43 ----A---- C:\Windows\system32\smss.exe
2016-10-11 22:57:43 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 22:57:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 22:57:42 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 22:57:41 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 22:57:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-11 22:57:40 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 22:57:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 22:57:37 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-11 22:57:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-11 22:57:37 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 22:57:36 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-11 22:57:36 ----A---- C:\Windows\system32\kernel32.dll
2016-10-11 22:57:36 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 22:57:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 22:57:34 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 22:57:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-11 22:57:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 22:57:33 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 22:57:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-11 22:57:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-11 22:57:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 22:57:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 22:57:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 22:57:31 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-11 22:57:31 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\wow64win.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\winsrv.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-11 22:57:31 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 22:57:27 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-11 22:57:27 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 22:57:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-11 22:57:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-11 22:57:26 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 22:57:26 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 22:57:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-11 22:57:25 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-11 22:57:25 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 22:57:25 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 22:57:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-11 22:57:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-11 22:57:24 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 22:57:24 ----A---- C:\Windows\system32\conhost.exe
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-11 22:57:23 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-11 22:57:23 ----A---- C:\Windows\system32\wow64.dll
2016-10-11 22:57:23 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 22:57:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-11 22:57:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-11 22:57:22 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 22:57:22 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 22:57:20 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-11 22:57:19 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 22:57:19 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 22:57:19 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-11 22:57:18 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-11 22:57:18 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 22:57:18 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-11 22:57:18 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-11 22:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-11 22:57:17 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-11 22:57:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-11 22:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-11 22:57:16 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-11 22:57:16 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 22:57:13 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-11 22:57:13 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 22:57:07 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-11 22:57:07 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 22:57:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-11 22:57:05 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 22:57:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 22:51:13 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 22:51:13 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\centel.dll
2016-10-11 22:51:12 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 22:51:04 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 22:51:02 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-11 22:51:01 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-11 22:51:01 ----A---- C:\Windows\explorer.exe
2016-10-11 22:51:00 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 22:50:59 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-11 22:50:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-11 22:50:59 ----A---- C:\Windows\system32\authui.dll
2016-10-11 22:49:51 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-11 22:49:51 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2016-10-27 17:48:07 ----RD---- C:\Program Files
2016-10-27 17:48:05 ----D---- C:\Windows\Temp
2016-10-27 17:46:10 ----D---- C:\ProgramData\Kaspersky Lab
2016-10-27 17:44:39 ----D---- C:\Windows\system32\config
2016-10-27 17:41:51 ----D---- C:\Windows\Prefetch
2016-10-27 17:39:03 ----D---- C:\Windows\SysWOW64
2016-10-27 17:38:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-27 17:38:43 ----D---- C:\Windows\system32\Macromed
2016-10-27 17:38:34 ----D---- C:\Windows\SYSWOW64\Macromed
2016-10-26 21:34:23 ----D---- C:\Windows
2016-10-26 21:32:42 ----SHD---- C:\System Volume Information
2016-10-26 21:30:18 ----D---- C:\Users\Pc\AppData\Roaming\FileAdvisor
2016-10-24 16:58:40 ----A---- C:\Windows\system.ini
2016-10-24 16:56:55 ----D---- C:\Windows\SYSWOW64\drivers
2016-10-24 16:56:55 ----D---- C:\Windows\AppPatch
2016-10-24 16:56:54 ----D---- C:\Program Files (x86)\Common Files
2016-10-24 16:52:33 ----D---- C:\Windows\system32\catroot2
2016-10-23 20:36:12 ----D---- C:\Windows\System32
2016-10-23 20:36:12 ----D---- C:\Windows\inf
2016-10-23 20:36:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-22 16:42:36 ----RD---- C:\Program Files (x86)
2016-10-22 15:48:34 ----D---- C:\Windows\system32\NDF
2016-10-22 10:09:39 ----D---- C:\Users\Pc\AppData\Roaming\vlc
2016-10-22 09:15:05 ----D---- C:\ProgramData\TEMP
2016-10-22 09:09:14 ----D---- C:\Windows\system32\drivers
2016-10-21 15:48:03 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-19 21:32:41 ----D---- C:\Users\Pc\AppData\Roaming\Skype
2016-10-19 19:41:54 ----D---- C:\Users\Pc\AppData\Roaming\SoftGrid Client
2016-10-15 19:19:52 ----D---- C:\audiograbber
2016-10-15 08:50:44 ----A---- C:\Windows\SYSWOW64\log.txt
2016-10-15 08:46:46 ----D---- C:\ProgramData\NVIDIA
2016-10-14 21:24:46 ----D---- C:\Windows\debug
2016-10-13 09:25:16 ----D---- C:\Windows\rescache
2016-10-12 07:49:52 ----D---- C:\Windows\winsxs
2016-10-12 07:36:26 ----D---- C:\Windows\Microsoft.NET
2016-10-12 07:35:54 ----RSD---- C:\Windows\assembly
2016-10-12 07:26:47 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-12 07:26:47 ----D---- C:\Config.Msi
2016-10-12 07:26:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 07:23:41 ----D---- C:\Windows\SYSWOW64\bg-BG
2016-10-12 07:23:41 ----D---- C:\Program Files\Windows Media Player
2016-10-12 07:23:41 ----D---- C:\Program Files\Internet Explorer
2016-10-12 07:23:41 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-12 07:23:41 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\sl-SI
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\ro-RO
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\hr-HR
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\el-GR
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-12 07:23:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-10-12 07:23:39 ----D---- C:\Windows\system32\pl-PL
2016-10-12 07:23:39 ----D---- C:\Windows\system32\bg-BG
2016-10-12 07:23:38 ----D---- C:\Windows\system32\sl-SI
2016-10-12 07:23:38 ----D---- C:\Windows\system32\sk-SK
2016-10-12 07:23:38 ----D---- C:\Windows\system32\ru-RU
2016-10-12 07:23:38 ----D---- C:\Windows\system32\ro-RO
2016-10-12 07:23:38 ----D---- C:\Windows\system32\nl-NL
2016-10-12 07:23:38 ----D---- C:\Windows\system32\hu-HU
2016-10-12 07:23:38 ----D---- C:\Windows\system32\hr-HR
2016-10-12 07:23:38 ----D---- C:\Windows\system32\en-US
2016-10-12 07:23:38 ----D---- C:\Windows\system32\el-GR
2016-10-12 07:23:38 ----D---- C:\Windows\system32\Dism
2016-10-12 07:23:38 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 07:23:36 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 07:23:36 ----D---- C:\Windows\system32\drivers\en-US
2016-10-12 07:23:36 ----D---- C:\Windows\system32\Boot
2016-10-12 07:23:36 ----D---- C:\Windows\system32\appraiser
2016-10-12 07:23:35 ----D---- C:\Windows\sk-SK
2016-10-12 07:23:34 ----D---- C:\Windows\system32\DriverStore
2016-10-12 07:04:37 ----SHD---- C:\Windows\Installer
2016-10-12 07:04:22 ----D---- C:\ProgramData\Microsoft Help
2016-10-12 07:03:45 ----D---- C:\Windows\system32\MRT
2016-10-12 06:58:26 ----AC---- C:\Windows\system32\MRT.exe
2016-10-12 06:51:07 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-09-11 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-12-01 79240]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-08-21 236888]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-08-21 1001304]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-05-05 50776]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-12-07 45960]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2016-08-21 110424]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-12-03 194440]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-12-02 78200]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-10-31 4201104]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-12-11 182152]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-10-13 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-08-27 883928]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 60288]
S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\Windows\system32\DRIVERS\avcstrm.sys [2009-07-14 17664]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-12 5337184]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\Windows\system32\DRIVERS\mstape.sys [2009-07-14 56448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [2015-12-22 236928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-13 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-13 933168]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-13 416432]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-11 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Re: spomalene pc...
Jak jsem již psal, odinstaluj vše od Seznam.cz, protože to tam pořád je.
Spusť skener Cure It podle TOHOTO návodu
po skončení skenu mi sem nakopíruj výsledky - stačí konec logu se souhrnem.
(Upozornění je úchylně pomalý a je zapotřebí ho sledovat občas se na něco ptá)
Spusť skener Cure It podle TOHOTO návodu
po skončení skenu mi sem nakopíruj výsledky - stačí konec logu se souhrnem.
(Upozornění je úchylně pomalý a je zapotřebí ho sledovat občas se na něco ptá)
Re: spomalene pc...
Nerozumiem. Ako odinstalovat vsetko od seznam.cz??
Re: spomalene pc...
Total 73863615590 bytes in 155806 files scanned (190615 objects)
Total 155770 files (190572 objects) are clean
There are no infected objects detected
Total 41 files are raised error condition
Scan time is 00:19:46.338
Total 155770 files (190572 objects) are clean
There are no infected objects detected
Total 41 files are raised error condition
Scan time is 00:19:46.338