Udělal jsem LOG pomocí FRST64. Již delší dobu mám na jednom procesu stále 25% CPU. Pokud ho natvrdo ukončím, tak mi někdy občas začne blbout Chrome, nejdou přehrávat videa na Youtube, nejdou zapnout aplikace... Ale jen občas a je to divné. Při spuštění systému ten divný svchost.exe není okamžitě spuštěn. Jako první se spustí nějaký windows trustedinstaller a po chvilce zapne právě problémový proces. Prosím, kde je problém?
Děkuji
_________________________________________________________________
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Martin (administrator) on MARTIN-PC (13-11-2016 12:55:24)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Flux Software LLC) C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-27] (COMODO)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2015-11-07] (Authentec Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-10] (Google Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-11-29] (Flux Software LLC)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify Web Helper] => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-11] (Spotify Ltd)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify] => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-11] (Spotify Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2016-04-29]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{E6A42517-CDA7-4B46-83A2-05531048CCEC}: [DhcpNameServer] 10.100.100.6 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi.dll [2015-11-26] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin64 -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi-x64.dll [2015-11-26] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2016-11-13]
CHR Extension: (Překladač Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-06]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-09]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-06]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2016-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Teamwork Projects for Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okekkfbjgdmfmogicbhdechdmkfhfphc [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-22]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-13]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-10]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-10]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-10]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-10]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-10]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-11-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-10]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-10]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2016-11-10]
CHR HKU\S-1-5-21-688125412-1392623046-1406436169-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-27] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-27] (COMODO)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-10-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-07] (Lenovo)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-10-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO)
R3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2016-03-08] ( )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 12:55 - 2016-11-13 12:55 - 00018928 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-13 12:54 - 2016-11-13 12:55 - 00000000 ____D C:\FRST
2016-11-13 12:53 - 2016-11-13 12:53 - 02411520 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-12 17:36 - 2016-11-12 17:36 - 00113820 _____ C:\Users\Martin\Desktop\102354_Product_Sheet_A4_BeoLab18_UK_2pg_Final_low.pdf
2016-11-11 12:12 - 2016-11-12 18:01 - 00000000 ____D C:\Users\Martin\Desktop\aa
2016-11-10 21:27 - 2016-11-10 21:27 - 00019722 _____ C:\Users\Martin\Desktop\[CzT]Skola_ro_c_ku_The_School_of_Rock_2003_CZ_.torrent
2016-11-10 21:26 - 2016-11-10 21:26 - 00018489 _____ C:\Users\Martin\Desktop\[CzT]Kralove_ro_c_ku_Tenacious_D_The_Pick_of_Destiny_2006_.torrent
2016-11-10 18:37 - 2016-11-10 18:37 - 03506689 _____ C:\Users\Martin\Downloads\gramblr2_win64.zip
2016-11-10 17:22 - 2016-11-10 17:26 - 01699322 _____ C:\Users\Martin\Desktop\Export.ai
2016-11-10 16:57 - 2016-11-10 16:58 - 00000600 _____ C:\Users\Martin\AppData\Local\PUTTY.RND
2016-11-10 16:55 - 2016-11-10 16:55 - 06668096 _____ (Tim Kosse) C:\Users\Martin\Downloads\FileZilla_3.22.2.2_win64-setup.exe
2016-11-10 13:47 - 2016-11-10 17:39 - 00824272 _____ C:\Users\Martin\Desktop\Like.ai
2016-11-09 21:15 - 2016-11-09 21:17 - 34278647 _____ C:\Users\Martin\Desktop\CLRBrowserSourcePlugin-20140909x64.7z
2016-11-09 20:46 - 2016-11-09 20:51 - 90894256 _____ C:\Users\Martin\Desktop\OBS-Studio-0.14.1-With-Browser-Installer.exe
2016-11-09 20:19 - 2016-11-11 21:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2016-11-09 20:18 - 2016-11-09 21:21 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\Program Files (x86)\obs-studio
2016-10-29 18:25 - 2016-10-29 18:57 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace
2016-10-29 16:05 - 2016-10-29 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plane Arcade
2016-10-27 16:11 - 2016-10-29 15:49 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace_data
2016-10-27 07:35 - 2016-10-27 11:47 - 3580034928 _____ C:\Users\Martin\Desktop\DATA_Z_OKAY.zip
2016-10-24 21:10 - 2016-11-13 10:51 - 00000000 ____D C:\Users\Martin\AppData\Local\Spotify
2016-10-24 21:10 - 2016-10-24 21:10 - 00001772 _____ C:\Users\Martin\Desktop\Spotify.lnk
2016-10-24 21:10 - 2016-10-24 21:10 - 00001758 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-24 21:08 - 2016-11-13 10:52 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Spotify
2016-10-23 20:46 - 2016-10-23 20:46 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-23 20:46 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-23 20:46 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-23 20:39 - 2016-10-23 20:39 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-23 20:39 - 2016-10-23 20:39 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-19 18:21 - 2016-10-19 18:21 - 00262144 _____ C:\Windows\Minidump\101916-7534-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 12:54 - 2016-01-25 19:40 - 00202080 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-11-13 12:51 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-13 12:51 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-13 12:50 - 2015-11-06 22:13 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-11-13 12:49 - 2011-04-12 09:34 - 00736052 _____ C:\Windows\system32\perfh005.dat
2016-11-13 12:49 - 2011-04-12 09:34 - 00192278 _____ C:\Windows\system32\perfc005.dat
2016-11-13 12:49 - 2009-07-14 06:13 - 01703362 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-13 12:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-13 12:24 - 2015-11-06 19:15 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-13 11:01 - 2015-11-06 20:08 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-13 10:51 - 2015-11-06 19:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-13 10:50 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 10:36 - 2009-07-14 06:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-12 22:42 - 2015-11-07 11:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2016-11-12 22:42 - 2015-11-06 18:03 - 00000000 ____D C:\Users\Martin
2016-11-11 22:19 - 2016-04-18 09:53 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2016-11-11 18:04 - 2015-11-07 20:01 - 00001480 _____ C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-10 21:27 - 2015-11-06 19:17 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 21:27 - 2015-11-06 19:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-08 18:50 - 2016-05-29 20:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 17:08 - 2015-11-11 20:19 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2016-11-07 09:31 - 2015-11-06 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-05 18:04 - 2016-05-29 20:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 18:01 - 2015-11-06 19:15 - 00000000 ____D C:\Users\Martin\AppData\Local\Google
2016-10-31 18:53 - 2016-04-24 17:05 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-10-27 08:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-24 17:32 - 2009-07-14 05:45 - 05067008 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-23 20:43 - 2015-11-07 10:34 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-23 20:43 - 2015-11-07 10:34 - 00000000 ____D C:\Windows\system32\MRT
2016-10-22 16:22 - 2015-11-06 22:15 - 00003280 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-10-19 18:21 - 2015-12-17 18:31 - 557280648 _____ C:\Windows\MEMORY.DMP
2016-10-19 18:21 - 2015-12-17 18:31 - 00000000 ____D C:\Windows\Minidump
==================== Files in the root of some directories =======
2016-04-18 10:22 - 2016-05-19 17:32 - 0000034 _____ () C:\Users\Martin\AppData\Roaming\AdobeWLCMCache.dat
2015-11-07 20:01 - 2016-11-11 18:04 - 0001480 _____ () C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-10 16:57 - 2016-11-10 16:58 - 0000600 _____ () C:\Users\Martin\AppData\Local\PUTTY.RND
2016-08-21 18:09 - 2016-08-21 18:09 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-07 12:58
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Moc prosím o kontrolu - jeden svchost.exe má pořád 25% CPU
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
# AdwCleaner v6.030 - Log soubor vytvořen 13/11/2016 na 13:15:34
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-13.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Martin - MARTIN-PC
# Beží od : C:\Users\Martin\Desktop\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Nebyly nalezeny žádné škodlivé služby.
***** [ Adresáře ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Nebyly nalezeny žádné škodlivé soubory.
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Žádný nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Klíč nalezen: HKLM\SOFTWARE\Classes\s
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web data] - pricegrabber.com
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [1544 Bajtů] - [13/11/2016 13:15:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1618 Bajtů] ##########
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-13.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Martin - MARTIN-PC
# Beží od : C:\Users\Martin\Desktop\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
Nebyly nalezeny žádné škodlivé služby.
***** [ Adresáře ] *****
Nebyly nalezeny žádné škodlivé složky.
***** [ Soubory ] *****
Nebyly nalezeny žádné škodlivé soubory.
***** [ DLL ] *****
Nebyly nalezeny žádné škodlivé DLL soubory.
***** [ WMI ] *****
Nebyly nalezeny žádné škodlivé klíče.
***** [ Zástupce ] *****
Žádné infikovaný zástupce nenalezen.
***** [ Plánovač úloh ] *****
Žádný nebezpečná úloha nenalezena.
***** [ Registry ] *****
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Klíč nalezen: HKLM\SOFTWARE\Classes\s
***** [ Internetové prohlížeče ] *****
Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web data] - pricegrabber.com
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [1544 Bajtů] - [13/11/2016 13:15:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1618 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Neklikl jste na mazání, ADW nemazal. Zkuste ještě jednou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Pardon, děkuji za trpělivost, tady to máte 
Po restartu PC je vše zatím při starým.
_______________________________________________________________
# AdwCleaner v6.030 - Log soubor vytvořen 13/11/2016 na 13:31:15
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-13.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Martin - MARTIN-PC
# Beží od : C:\Users\Martin\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\s
***** [ Prohlížeče ] *****
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:pricegrabber.com
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1246 Bajtů] - [13/11/2016 13:31:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1698 Bajtů] - [13/11/2016 13:15:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [1772 Bajtů] - [13/11/2016 13:31:01]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1468 Bajtů] ##########
Po restartu PC je vše zatím při starým.
_______________________________________________________________
# AdwCleaner v6.030 - Log soubor vytvořen 13/11/2016 na 13:31:15
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-13.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Martin - MARTIN-PC
# Beží od : C:\Users\Martin\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Adresáře ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupce ] *****
***** [ Plánovač úloh ] *****
***** [ Registry ] *****
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\s
***** [ Prohlížeče ] *****
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazání:pricegrabber.com
*************************
:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1246 Bajtů] - [13/11/2016 13:31:15]
C:\AdwCleaner\AdwCleaner[S0].txt - [1698 Bajtů] - [13/11/2016 13:15:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [1772 Bajtů] - [13/11/2016 13:31:01]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1468 Bajtů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Teď je to OK. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Martin (administrator) on MARTIN-PC (13-11-2016 20:10:03)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Flux Software LLC) C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-27] (COMODO)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2015-11-07] (Authentec Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-10] (Google Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-11-29] (Flux Software LLC)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify Web Helper] => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-11] (Spotify Ltd)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify] => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-11] (Spotify Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2016-04-29]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{E6A42517-CDA7-4B46-83A2-05531048CCEC}: [DhcpNameServer] 10.100.100.6 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi.dll [2015-11-26] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin64 -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi-x64.dll [2015-11-26] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2016-11-13]
CHR Extension: (Překladač Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-06]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-09]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-06]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2016-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Teamwork Projects for Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okekkfbjgdmfmogicbhdechdmkfhfphc [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-22]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-13]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-10]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-10]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-10]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-10]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-10]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-11-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-10]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-10]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2016-11-10]
CHR HKU\S-1-5-21-688125412-1392623046-1406436169-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-27] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-27] (COMODO)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-10-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-07] (Lenovo)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-10-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO)
R3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2016-03-08] ( )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 20:10 - 2016-11-13 20:10 - 00019397 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-13 20:09 - 2016-11-13 20:09 - 00029696 _____ C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-11-13 20:09 - 2016-11-13 20:09 - 00015327 _____ C:\Users\Martin\Desktop\LM.bat
2016-11-13 20:08 - 2016-11-13 20:08 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Comodo
2016-11-13 20:04 - 2016-11-13 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2016-11-13 17:02 - 2016-11-13 17:02 - 00000000 _____ C:\Users\Martin\pslog.txt
2016-11-13 16:06 - 2016-11-13 16:06 - 00018483 _____ C:\Users\Martin\Desktop\[CzT]Adobe_Animate_CC_2015_1_CZ_.torrent
2016-11-13 13:14 - 2016-11-13 13:56 - 00000000 ____D C:\AdwCleaner
2016-11-13 13:13 - 2016-11-13 13:13 - 03910208 _____ C:\Users\Martin\Desktop\adwcleaner_6.030.exe
2016-11-13 12:54 - 2016-11-13 20:10 - 00000000 ____D C:\FRST
2016-11-13 12:53 - 2016-11-13 12:53 - 02411520 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-12 17:36 - 2016-11-12 17:36 - 00113820 _____ C:\Users\Martin\Desktop\102354_Product_Sheet_A4_BeoLab18_UK_2pg_Final_low.pdf
2016-11-11 12:12 - 2016-11-13 16:53 - 00000000 ____D C:\Users\Martin\Desktop\aa
2016-11-10 21:27 - 2016-11-10 21:27 - 00019722 _____ C:\Users\Martin\Desktop\[CzT]Skola_ro_c_ku_The_School_of_Rock_2003_CZ_.torrent
2016-11-10 21:26 - 2016-11-10 21:26 - 00018489 _____ C:\Users\Martin\Desktop\[CzT]Kralove_ro_c_ku_Tenacious_D_The_Pick_of_Destiny_2006_.torrent
2016-11-10 18:37 - 2016-11-10 18:37 - 03506689 _____ C:\Users\Martin\Downloads\gramblr2_win64.zip
2016-11-10 17:22 - 2016-11-10 17:26 - 01699322 _____ C:\Users\Martin\Desktop\Export.ai
2016-11-10 16:57 - 2016-11-10 16:58 - 00000600 _____ C:\Users\Martin\AppData\Local\PUTTY.RND
2016-11-10 16:55 - 2016-11-10 16:55 - 06668096 _____ (Tim Kosse) C:\Users\Martin\Downloads\FileZilla_3.22.2.2_win64-setup.exe
2016-11-10 13:47 - 2016-11-10 17:39 - 00824272 _____ C:\Users\Martin\Desktop\Like.ai
2016-11-09 21:15 - 2016-11-09 21:17 - 34278647 _____ C:\Users\Martin\Desktop\CLRBrowserSourcePlugin-20140909x64.7z
2016-11-09 20:46 - 2016-11-09 20:51 - 90894256 _____ C:\Users\Martin\Desktop\OBS-Studio-0.14.1-With-Browser-Installer.exe
2016-11-09 20:19 - 2016-11-11 21:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2016-11-09 20:18 - 2016-11-09 21:21 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\Program Files (x86)\obs-studio
2016-10-29 18:25 - 2016-10-29 18:57 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace
2016-10-29 16:05 - 2016-10-29 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plane Arcade
2016-10-27 16:11 - 2016-10-29 15:49 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace_data
2016-10-27 07:35 - 2016-10-27 11:47 - 3580034928 _____ C:\Users\Martin\Desktop\DATA_Z_OKAY.zip
2016-10-24 21:10 - 2016-11-13 17:13 - 00000000 ____D C:\Users\Martin\AppData\Local\Spotify
2016-10-24 21:10 - 2016-10-24 21:10 - 00001772 _____ C:\Users\Martin\Desktop\Spotify.lnk
2016-10-24 21:10 - 2016-10-24 21:10 - 00001758 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-24 21:08 - 2016-11-13 17:18 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Spotify
2016-10-23 20:46 - 2016-10-23 20:46 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-23 20:46 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-23 20:46 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-23 20:39 - 2016-10-23 20:39 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-23 20:39 - 2016-10-23 20:39 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-19 18:21 - 2016-10-19 18:21 - 00262144 _____ C:\Windows\Minidump\101916-7534-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 20:08 - 2015-11-06 22:11 - 00000000 ____D C:\ProgramData\Comodo
2016-11-13 20:02 - 2015-11-06 22:13 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-11-13 19:56 - 2016-01-25 19:40 - 00202080 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-11-13 19:37 - 2015-11-06 19:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-13 19:34 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-13 19:34 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-13 19:24 - 2015-11-06 19:15 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-13 18:17 - 2015-11-07 11:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2016-11-13 17:02 - 2015-11-06 18:03 - 00000000 ____D C:\Users\Martin
2016-11-13 13:36 - 2011-04-12 09:34 - 00736052 _____ C:\Windows\system32\perfh005.dat
2016-11-13 13:36 - 2011-04-12 09:34 - 00192278 _____ C:\Windows\system32\perfc005.dat
2016-11-13 13:36 - 2009-07-14 06:13 - 01703362 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-13 13:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-13 13:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 11:01 - 2015-11-06 20:08 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-13 10:36 - 2009-07-14 06:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-11 22:19 - 2016-04-18 09:53 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2016-11-11 18:04 - 2015-11-07 20:01 - 00001480 _____ C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-10 21:27 - 2015-11-06 19:17 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 21:27 - 2015-11-06 19:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-08 18:50 - 2016-05-29 20:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 17:08 - 2015-11-11 20:19 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2016-11-07 09:31 - 2015-11-06 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-05 18:04 - 2016-05-29 20:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 18:01 - 2015-11-06 19:15 - 00000000 ____D C:\Users\Martin\AppData\Local\Google
2016-10-31 18:53 - 2016-04-24 17:05 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-10-27 08:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-24 17:32 - 2009-07-14 05:45 - 05067008 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-23 20:48 - 2015-11-07 10:34 - 00000000 ____D C:\Windows\system32\MRT
2016-10-23 20:43 - 2015-11-07 10:34 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-22 16:22 - 2015-11-06 22:15 - 00003280 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-10-19 18:21 - 2015-12-17 18:31 - 557280648 _____ C:\Windows\MEMORY.DMP
2016-10-19 18:21 - 2015-12-17 18:31 - 00000000 ____D C:\Windows\Minidump
==================== Files in the root of some directories =======
2016-04-18 10:22 - 2016-05-19 17:32 - 0000034 _____ () C:\Users\Martin\AppData\Roaming\AdobeWLCMCache.dat
2015-11-07 20:01 - 2016-11-11 18:04 - 0001480 _____ () C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-13 20:09 - 2016-11-13 20:09 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-11-10 16:57 - 2016-11-10 16:58 - 0000600 _____ () C:\Users\Martin\AppData\Local\PUTTY.RND
2016-08-21 18:09 - 2016-08-21 18:09 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-07 12:58
==================== End of FRST.txt ============================
Ran by Martin (administrator) on MARTIN-PC (13-11-2016 20:10:03)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Flux Software LLC) C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-04-26] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-27] (COMODO)
HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2015-11-07] (Authentec Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-10] (Google Inc.)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [f.lux] => C:\Users\Martin\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-11-29] (Flux Software LLC)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify Web Helper] => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-11] (Spotify Ltd)
HKU\S-1-5-21-688125412-1392623046-1406436169-1000\...\Run: [Spotify] => C:\Users\Martin\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-11-11] (Spotify Ltd)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TVR Scheduler.lnk [2016-04-29]
ShortcutTarget: TVR Scheduler.lnk -> C:\Program Files (x86)\honestech\honestech TVR 2.5\scheduleTV.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{CD4BE258-B244-44B5-81D9-17F079AEB7BA}: [DhcpNameServer] 192.168.26.1
Tcpip\..\Interfaces\{E6A42517-CDA7-4B46-83A2-05531048CCEC}: [DhcpNameServer] 10.100.100.6 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi.dll [2015-11-26] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-688125412-1392623046-1406436169-1000: SkypePlugin64 -> C:\Users\Martin\AppData\Local\SkypePlugin\7.11.0.39\npGatewayNpapi-x64.dll [2015-11-26] (Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2016-11-13]
CHR Extension: (Překladač Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-06]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-09]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-06]
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2016-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Teamwork Projects for Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okekkfbjgdmfmogicbhdechdmkfhfphc [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-22]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-13]
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-10]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-10]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-10]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-10]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-10]
CHR Extension: (Speed Dial 2) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-11-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-10]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-10]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2016-11-10]
CHR HKU\S-1-5-21-688125412-1392623046-1406436169-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-27] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-27] (COMODO)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-10-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-07] (Lenovo)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28544 2016-10-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56976 2016-08-31] (COMODO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-08-31] (COMODO)
R3 RtlvVga; C:\Windows\System32\DRIVERS\RtlvVga.sys [11920 2014-03-18] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2014-07-28] (Synaptics Incorporated)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
S3 X86BDA; C:\Windows\System32\DRIVERS\OEMDrv.sys [268416 2016-03-08] ( )
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 20:10 - 2016-11-13 20:10 - 00019397 _____ C:\Users\Martin\Desktop\FRST.txt
2016-11-13 20:09 - 2016-11-13 20:09 - 00029696 _____ C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-11-13 20:09 - 2016-11-13 20:09 - 00015327 _____ C:\Users\Martin\Desktop\LM.bat
2016-11-13 20:08 - 2016-11-13 20:08 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Comodo
2016-11-13 20:04 - 2016-11-13 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2016-11-13 17:02 - 2016-11-13 17:02 - 00000000 _____ C:\Users\Martin\pslog.txt
2016-11-13 16:06 - 2016-11-13 16:06 - 00018483 _____ C:\Users\Martin\Desktop\[CzT]Adobe_Animate_CC_2015_1_CZ_.torrent
2016-11-13 13:14 - 2016-11-13 13:56 - 00000000 ____D C:\AdwCleaner
2016-11-13 13:13 - 2016-11-13 13:13 - 03910208 _____ C:\Users\Martin\Desktop\adwcleaner_6.030.exe
2016-11-13 12:54 - 2016-11-13 20:10 - 00000000 ____D C:\FRST
2016-11-13 12:53 - 2016-11-13 12:53 - 02411520 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-11-12 17:36 - 2016-11-12 17:36 - 00113820 _____ C:\Users\Martin\Desktop\102354_Product_Sheet_A4_BeoLab18_UK_2pg_Final_low.pdf
2016-11-11 12:12 - 2016-11-13 16:53 - 00000000 ____D C:\Users\Martin\Desktop\aa
2016-11-10 21:27 - 2016-11-10 21:27 - 00019722 _____ C:\Users\Martin\Desktop\[CzT]Skola_ro_c_ku_The_School_of_Rock_2003_CZ_.torrent
2016-11-10 21:26 - 2016-11-10 21:26 - 00018489 _____ C:\Users\Martin\Desktop\[CzT]Kralove_ro_c_ku_Tenacious_D_The_Pick_of_Destiny_2006_.torrent
2016-11-10 18:37 - 2016-11-10 18:37 - 03506689 _____ C:\Users\Martin\Downloads\gramblr2_win64.zip
2016-11-10 17:22 - 2016-11-10 17:26 - 01699322 _____ C:\Users\Martin\Desktop\Export.ai
2016-11-10 16:57 - 2016-11-10 16:58 - 00000600 _____ C:\Users\Martin\AppData\Local\PUTTY.RND
2016-11-10 16:55 - 2016-11-10 16:55 - 06668096 _____ (Tim Kosse) C:\Users\Martin\Downloads\FileZilla_3.22.2.2_win64-setup.exe
2016-11-10 13:47 - 2016-11-10 17:39 - 00824272 _____ C:\Users\Martin\Desktop\Like.ai
2016-11-09 21:15 - 2016-11-09 21:17 - 34278647 _____ C:\Users\Martin\Desktop\CLRBrowserSourcePlugin-20140909x64.7z
2016-11-09 20:46 - 2016-11-09 20:51 - 90894256 _____ C:\Users\Martin\Desktop\OBS-Studio-0.14.1-With-Browser-Installer.exe
2016-11-09 20:19 - 2016-11-11 21:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2016-11-09 20:18 - 2016-11-09 21:21 - 00001198 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-11-09 20:18 - 2016-11-09 20:18 - 00000000 ____D C:\Program Files (x86)\obs-studio
2016-10-29 18:25 - 2016-10-29 18:57 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace
2016-10-29 16:05 - 2016-10-29 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plane Arcade
2016-10-27 16:11 - 2016-10-29 15:49 - 00000000 ____D C:\Users\Martin\Desktop\Inspirace_data
2016-10-27 07:35 - 2016-10-27 11:47 - 3580034928 _____ C:\Users\Martin\Desktop\DATA_Z_OKAY.zip
2016-10-24 21:10 - 2016-11-13 17:13 - 00000000 ____D C:\Users\Martin\AppData\Local\Spotify
2016-10-24 21:10 - 2016-10-24 21:10 - 00001772 _____ C:\Users\Martin\Desktop\Spotify.lnk
2016-10-24 21:10 - 2016-10-24 21:10 - 00001758 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-24 21:08 - 2016-11-13 17:18 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Spotify
2016-10-23 20:46 - 2016-10-23 20:46 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-23 20:46 - 2016-10-23 20:46 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-23 20:46 - 2016-10-23 20:46 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-23 20:46 - 2016-10-23 20:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-23 20:46 - 2016-10-23 20:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-23 20:46 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-23 20:46 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-23 20:46 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-23 20:39 - 2016-10-23 20:39 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-23 20:39 - 2016-10-23 20:39 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-19 18:21 - 2016-10-19 18:21 - 00262144 _____ C:\Windows\Minidump\101916-7534-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-13 20:08 - 2015-11-06 22:11 - 00000000 ____D C:\ProgramData\Comodo
2016-11-13 20:02 - 2015-11-06 22:13 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-11-13 19:56 - 2016-01-25 19:40 - 00202080 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-11-13 19:37 - 2015-11-06 19:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-13 19:34 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-13 19:34 - 2009-07-14 05:45 - 00016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-13 19:24 - 2015-11-06 19:15 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-13 18:17 - 2015-11-07 11:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\uTorrent
2016-11-13 17:02 - 2015-11-06 18:03 - 00000000 ____D C:\Users\Martin
2016-11-13 13:36 - 2011-04-12 09:34 - 00736052 _____ C:\Windows\system32\perfh005.dat
2016-11-13 13:36 - 2011-04-12 09:34 - 00192278 _____ C:\Windows\system32\perfc005.dat
2016-11-13 13:36 - 2009-07-14 06:13 - 01703362 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-13 13:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-13 13:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-13 11:01 - 2015-11-06 20:08 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2016-11-13 10:36 - 2009-07-14 06:08 - 00032576 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-11 22:19 - 2016-04-18 09:53 - 00000000 ____D C:\Users\Martin\AppData\Roaming\FileZilla
2016-11-11 18:04 - 2015-11-07 20:01 - 00001480 _____ C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-10 21:27 - 2015-11-06 19:17 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 21:27 - 2015-11-06 19:17 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-08 18:50 - 2016-05-29 20:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 17:08 - 2015-11-11 20:19 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2016-11-07 09:31 - 2015-11-06 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-05 18:04 - 2016-05-29 20:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-05 18:01 - 2015-11-06 19:15 - 00000000 ____D C:\Users\Martin\AppData\Local\Google
2016-10-31 18:53 - 2016-04-24 17:05 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-10-27 08:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-10-24 17:32 - 2009-07-14 05:45 - 05067008 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-24 07:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-23 20:48 - 2015-11-07 10:34 - 00000000 ____D C:\Windows\system32\MRT
2016-10-23 20:43 - 2015-11-07 10:34 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-22 16:22 - 2015-11-06 22:15 - 00003280 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-10-19 18:21 - 2015-12-17 18:31 - 557280648 _____ C:\Windows\MEMORY.DMP
2016-10-19 18:21 - 2015-12-17 18:31 - 00000000 ____D C:\Windows\Minidump
==================== Files in the root of some directories =======
2016-04-18 10:22 - 2016-05-19 17:32 - 0000034 _____ () C:\Users\Martin\AppData\Roaming\AdobeWLCMCache.dat
2015-11-07 20:01 - 2016-11-11 18:04 - 0001480 _____ () C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-11-13 20:09 - 2016-11-13 20:09 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-11-10 16:57 - 2016-11-10 16:58 - 0000600 _____ () C:\Users\Martin\AppData\Local\PUTTY.RND
2016-08-21 18:09 - 2016-08-21 18:09 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-07 12:58
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Martin\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Moc děkuji za rychlé reakce! Svchost.ese pořád pracuje.
____________________________________________________
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Martin (13-11-2016 20:42:16) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Martin\AppData\Local\Temp
End
*****************
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-11-2016 20:44:45)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:44:45 ====
____________________________________________________
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Martin (13-11-2016 20:42:16) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Martin\AppData\Local\Temp
End
*****************
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-11-2016 20:44:45)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 20:44:45 ====
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 14.11.2016
Čas skenování: 9:39
Protokol:
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.11.14.04
Databáze rootkitů: v2016.10.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 279710
Uplynulý čas: 7 min, 7 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
CrackTool.Agent, C:\ProgramData\Comodo\Cis\Quarantine\data\{AA3650B3-C981-439D-A761-7BF13F1B6C24}, , [1a12fec2bedcd165faeeadc95fa147b9],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 14.11.2016
Čas skenování: 9:39
Protokol:
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.11.14.04
Databáze rootkitů: v2016.10.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Martin
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 279710
Uplynulý čas: 7 min, 7 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
CrackTool.Agent, C:\ProgramData\Comodo\Cis\Quarantine\data\{AA3650B3-C981-439D-A761-7BF13F1B6C24}, , [1a12fec2bedcd165faeeadc95fa147b9],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Nalezenou položku smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Smazáno, PC restartován. Svchost pořád jede. 
Jen pro zajímavost jsem zkusil provést kontrolu znova a nic to nenašlo. Je ještě nějaký další krok jak by šlo svchost porazit?
Děkuji moc
Jen pro zajímavost jsem zkusil provést kontrolu znova a nic to nenašlo. Je ještě nějaký další krok jak by šlo svchost porazit?Děkuji moc
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Na zkoušku vypněte aut. aktualizace a přesvědčte se, zda poklesla spotřeba syst. prostředků.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Moc prosím o kontrolu - jeden svchost.exe má pořád 25% C
Ukončil jsem kontrolu aktualizací, resetoval PC a svchost je pryč! Aktualizace si občas manuálně spustím a bude...
Kde by mohl být ten problém? Bugnulo se to nějak?
Moc děkuji za pomoc!
Kde by mohl být ten problém? Bugnulo se to nějak?
Moc děkuji za pomoc!
Přispějete na provoz fóra?