Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Dobrý den, prosím o prev. kontrolu. Děkuji

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
gastrotop
Návštěvník
Návštěvník
Příspěvky: 141
Registrován: 16 zář 2006 15:40

Dobrý den, prosím o prev. kontrolu. Děkuji

#1 Příspěvek od gastrotop »

Logfile of random's system information tool 1.10 (written by random/random)
Run by DetialStav at 2018-02-20 08:09:47
Microsoft Windows 10 Home
System drive C: has 75 GB (33%) free of 227 GB
Total RAM: 3982 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:09:53, on 20.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sticky Password\stpass.exe
C:\Program Files (x86)\Tenda\Common\RaUI.exe
C:\Program Files (x86)\Sticky Password\spUIAManager.exe
C:\Program Files (x86)\Sticky Password\spNMHost.exe
C:\Program Files\trend micro\DetialStav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [USB Gamepad] C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe -boot
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [StickyPassword] C:\Program Files (x86)\Sticky Password\stpass.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files (x86)\Tenda\Common\RaUI.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
O23 - Service: RalinkRegistryWriter64 - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
O23 - Service: RaMediaServer - Unknown owner - C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 8310 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {f0451609-93e0-43c3-a1c1424f43665483}
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"


"C:\Program Files (x86)\Tenda\Common\RaRegistry.exe"
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s fhsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files (x86)\Sticky Password\stpass.exe"
"C:\Windows\USB Vibration\7906\USB Gamepad.exe" -boot
"C:\Program Files (x86)\Tenda\Common\RaUI.exe" -s
"C:\Program Files (x86)\Sticky Password\spUIAManager.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{49F171DD-B51A-40D3-9A6C-52D674CC729D}
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{7E55A26D-EF95-4A45-9F55-21E52ADF9887}
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\AUDIODG.EXE 0x5ec
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.0.2026857866\1319913263" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\DetialStav\AppData\LocalLow\Mozilla\Temp-{02695ca6-6ee9-47d9-9bbb-fbc4bce47eb8}" 6068 "\\.\pipe\gecko-crash-server-pipe.6068" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.3.577485468\132479368" -childID 1 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:1|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{02695ca6-6ee9-47d9-9bbb-fbc4bce47eb8}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6068 "\\.\pipe\gecko-crash-server-pipe.6068" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.13.500048800\1781046967" -childID 2 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:1|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{02695ca6-6ee9-47d9-9bbb-fbc4bce47eb8}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6068 "\\.\pipe\gecko-crash-server-pipe.6068" tab
"C:\Program Files (x86)\Sticky Password\spNMHost.exe" "C:\Program Files (x86)\Sticky Password\spNMHostMoz.json" {ecb80162-dfbd-4d91-a8da-17b35ba4707a}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6068.20.1087784892\1794642175" -childID 3 -isForBrowser -intPrefs 5:50|6:-1|28:1000|34:20|35:5|36:10|45:128|46:10000|51:0|53:400|54:1|55:0|56:0|61:0|62:120|63:120|99:2|100:1|115:5000|125:0|127:0|138:10000|150:-1|158:24|159:32768|161:0|162:0|170:5|174:1048576|175:100|176:5000|178:600|180:1|188:20|191:4|195:0|204:60000| -boolPrefs 1:0|2:0|4:0|26:1|27:1|30:0|33:1|37:1|38:0|39:0|40:0|43:1|44:1|47:0|48:0|49:0|50:0|52:0|57:1|58:1|59:0|60:1|64:1|65:1|66:0|67:1|68:1|69:0|70:1|73:0|74:0|77:1|78:1|82:1|83:1|84:0|85:0|86:0|88:0|89:0|90:1|91:1|92:1|95:1|96:0|98:0|101:1|102:0|109:0|114:0|117:1|120:1|122:1|126:0|129:1|132:1|133:1|139:1|140:0|141:1|143:0|149:0|151:1|152:0|153:1|156:0|157:0|160:1|163:0|165:1|167:1|168:0|177:1|182:0|183:1|184:0|185:1|186:0|187:0|189:1|190:1|193:0|196:0|197:0|198:1|199:1|200:0|201:1|202:1|203:1|205:0|206:0|208:0|217:1|218:1|219:0|220:0|221:0| -stringPrefs "3:7;release|97:0;|142:3;1.0|154:332;  ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵           ​‎‏‐’․‧

‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻ 。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞./。ᅠ�|155:4;high|192:38;{02695ca6-6ee9-47d9-9bbb-fbc4bce47eb8}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6068 "\\.\pipe\gecko-crash-server-pipe.6068" tab
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe158_ Global\UsGthrCtrlFltPipeMssGthrPipe158 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
C:\WINDOWS\system32\DllHost.exe /Processid:{53362C64-A296-4F2D-A2F8-FD984D08340B}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\DetialStav\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

=========Mozilla firefox=========

ProfilePath - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.161 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-07-03 8505088]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-03 1402624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2017-09-29 20488312]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-10-31 3102496]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2017-11-27 64512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB Gamepad"=C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [2008-12-10 796784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Tenda Wireless Utility.lnk - C:\Program Files (x86)\Tenda\Common\RaUI.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-16 07:03:20 ----D---- C:\ProgramData\hps
2018-02-16 07:03:17 ----D---- C:\ProgramData\tmp
2018-02-16 06:55:02 ----D---- C:\Program Files\dm
2018-02-15 14:03:11 ----D---- C:\WINDOWS\system32\drivers\wd
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\system32\wpncore.dll
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\system32\WpcMon.exe
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 19:28:24 ----AC---- C:\WINDOWS\system32\Magnify.exe
2018-02-14 19:28:23 ----AC---- C:\WINDOWS\system32\Wpc.dll
2018-02-14 19:28:23 ----AC---- C:\WINDOWS\system32\SRH.dll
2018-02-14 19:28:22 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-14 19:28:22 ----AC---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-14 19:28:22 ----AC---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-14 19:28:22 ----AC---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 19:28:21 ----AC---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-14 19:28:21 ----AC---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-14 19:28:20 ----AC---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-14 19:28:20 ----AC---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-14 19:28:20 ----AC---- C:\WINDOWS\system32\mspaint.exe
2018-02-14 19:28:20 ----AC---- C:\WINDOWS\system32\mmc.exe
2018-02-14 19:28:19 ----AC---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-14 19:28:18 ----AC---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-14 19:28:18 ----AC---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-14 19:28:17 ----AC---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-14 19:28:17 ----AC---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 19:28:16 ----AC---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-14 19:28:13 ----AC---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\urlmon.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\sud.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\srchadmin.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 19:28:12 ----AC---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-14 19:28:11 ----AC---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-14 19:28:11 ----AC---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-14 19:28:10 ----AC---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 19:28:09 ----AC---- C:\WINDOWS\system32\audiosrv.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\tquery.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\StorSvc.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 19:28:08 ----AC---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\rdpudd.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\ieproxy.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 19:28:07 ----AC---- C:\WINDOWS\system32\D3D12.dll
2018-02-14 19:28:06 ----AC---- C:\WINDOWS\system32\ntdll.dll
2018-02-14 19:28:06 ----AC---- C:\WINDOWS\system32\hal.dll
2018-02-14 19:28:06 ----AC---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-14 19:28:06 ----AC---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-14 19:28:06 ----AC---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-14 19:28:05 ----AC---- C:\WINDOWS\system32\securekernel.exe
2018-02-14 19:28:05 ----AC---- C:\WINDOWS\system32\rastls.dll
2018-02-14 19:28:05 ----AC---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-14 19:28:05 ----AC---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-14 19:28:05 ----AC---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-14 19:28:04 ----AC---- C:\WINDOWS\system32\themecpl.dll
2018-02-14 19:28:04 ----AC---- C:\WINDOWS\system32\msfeeds.dll
2018-02-14 19:28:04 ----AC---- C:\WINDOWS\system32\mmcbase.dll
2018-02-14 19:28:04 ----AC---- C:\WINDOWS\system32\gameux.dll
2018-02-14 19:28:03 ----AC---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-14 19:28:03 ----AC---- C:\WINDOWS\system32\dxtrans.dll
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\system32\jscript9.dll
2018-02-14 19:28:02 ----AC---- C:\WINDOWS\system32\hvloader.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 19:28:01 ----AC---- C:\WINDOWS\system32\evr.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\wuuhext.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\nshhttp.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\netlogon.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\DbgModel.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\authz.dll
2018-02-14 19:28:00 ----AC---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 19:27:59 ----AC---- C:\WINDOWS\system32\audiodg.exe
2018-02-14 19:27:58 ----AC---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-14 19:27:58 ----AC---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-14 19:27:58 ----AC---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:27:58 ----AC---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:27:58 ----AC---- C:\WINDOWS\system32\VSSVC.exe
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\webio.dll
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\mssrch.dll
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\InputService.dll
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\edgeIso.dll
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-14 19:27:57 ----AC---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-14 19:27:56 ----AC---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 19:27:56 ----AC---- C:\WINDOWS\system32\iertutil.dll
2018-02-14 19:27:56 ----AC---- C:\WINDOWS\system32\d3d11.dll
2018-02-14 19:27:55 ----AC---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-14 19:27:55 ----AC---- C:\WINDOWS\system32\win32kfull.sys
2018-02-14 19:27:55 ----AC---- C:\WINDOWS\system32\win32kbase.sys
2018-02-14 19:27:54 ----AC---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 19:27:54 ----AC---- C:\WINDOWS\system32\ieframe.dll
2018-02-14 19:27:54 ----AC---- C:\WINDOWS\system32\AcGenral.dll
2018-02-14 19:27:53 ----AC---- C:\WINDOWS\system32\mshtmled.dll
2018-02-14 19:27:53 ----AC---- C:\WINDOWS\system32\Chakra.dll
2018-02-14 19:27:53 ----AC---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\mfsvr.dll
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\hvax64.exe
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-14 19:27:52 ----AC---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 19:27:51 ----AC---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 19:27:50 ----AC---- C:\WINDOWS\system32\wuaueng.dll
2018-02-14 19:27:50 ----AC---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 19:27:50 ----AC---- C:\WINDOWS\system32\lsasrv.dll
2018-02-14 19:27:50 ----AC---- C:\WINDOWS\system32\dnsapi.dll
2018-02-14 19:27:49 ----AC---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 19:27:49 ----AC---- C:\WINDOWS\system32\dbgeng.dll
2018-02-14 19:27:49 ----AC---- C:\WINDOWS\system32\AudioSes.dll
2018-02-14 19:27:48 ----AC---- C:\WINDOWS\system32\ncsi.dll
2018-02-14 19:27:48 ----AC---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-14 19:27:48 ----AC---- C:\WINDOWS\system32\drivers\bthport.sys
2018-02-14 19:27:48 ----AC---- C:\WINDOWS\system32\bisrv.dll
2018-02-14 19:27:47 ----AC---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:27:47 ----AC---- C:\WINDOWS\system32\vssapi.dll
2018-02-14 19:27:47 ----AC---- C:\WINDOWS\system32\twinapi.dll
2018-02-14 19:27:46 ----AC---- C:\WINDOWS\system32\uDWM.dll
2018-02-14 19:27:46 ----AC---- C:\WINDOWS\system32\dwmcore.dll
2018-02-14 19:27:46 ----AC---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-14 19:27:46 ----AC---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-14 19:27:45 ----AC---- C:\WINDOWS\system32\wininet.dll
2018-02-14 19:27:45 ----AC---- C:\WINDOWS\system32\msIso.dll
2018-02-14 19:27:45 ----AC---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-14 19:27:43 ----AC---- C:\WINDOWS\system32\mshtml.dll
2018-02-14 19:27:43 ----AC---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 19:27:42 ----AC---- C:\WINDOWS\system32\hvix64.exe
2018-02-14 19:27:42 ----AC---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-14 19:27:41 ----AC---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 19:27:41 ----AC---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 19:27:41 ----AC---- C:\WINDOWS\system32\drivers\http.sys
2018-02-14 19:27:40 ----AC---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 19:27:40 ----AC---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 19:27:40 ----AC---- C:\WINDOWS\system32\mfcore.dll
2018-02-14 19:27:39 ----AC---- C:\WINDOWS\system32\edgehtml.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 19:27:38 ----AC---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\SettingSync.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\rascustom.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\ISM.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 19:27:37 ----AC---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-14 19:27:36 ----AC---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\system32\wuauclt.exe
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\system32\rasmans.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\system32\rasapi32.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\system32\nlaapi.dll
2018-02-14 19:27:35 ----AC---- C:\WINDOWS\system32\convertvhd.exe
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 19:27:34 ----AC---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 19:27:33 ----AC---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-14 19:27:33 ----AC---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 19:27:33 ----AC---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 19:27:33 ----AC---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 19:27:33 ----AC---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-14 19:27:32 ----AC---- C:\WINDOWS\system32\hgcpl.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\windows.storage.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\winbrand.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\stobject.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\rstrui.exe
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\mssvp.dll
2018-02-14 19:27:31 ----AC---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 19:27:30 ----AC---- C:\WINDOWS\system32\winsrv.dll
2018-02-14 19:27:30 ----AC---- C:\WINDOWS\system32\setupapi.dll
2018-02-14 19:27:30 ----AC---- C:\WINDOWS\system32\nlasvc.dll
2018-02-14 19:27:30 ----AC---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 19:27:29 ----AC---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 19:27:29 ----AC---- C:\WINDOWS\system32\rasdlg.dll
2018-02-14 19:27:29 ----AC---- C:\WINDOWS\system32\ntshrui.dll
2018-02-14 19:27:29 ----AC---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 19:27:29 ----AC---- C:\WINDOWS\system32\comdlg32.dll
2018-02-14 19:27:28 ----AC---- C:\WINDOWS\system32\twinui.dll
2018-02-14 19:27:28 ----AC---- C:\WINDOWS\system32\themeui.dll
2018-02-14 19:27:28 ----AC---- C:\WINDOWS\system32\sppsvc.exe
2018-02-14 19:27:27 ----AC---- C:\WINDOWS\system32\wow64.dll
2018-02-14 19:27:27 ----AC---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 19:27:27 ----AC---- C:\WINDOWS\system32\lsm.dll
2018-02-14 19:27:27 ----AC---- C:\WINDOWS\system32\bootux.dll
2018-02-14 19:27:27 ----AC---- C:\WINDOWS\system32\aclui.dll
2018-02-14 19:27:26 ----AC---- C:\WINDOWS\system32\zipfldr.dll
2018-02-14 19:27:26 ----AC---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 19:27:26 ----AC---- C:\WINDOWS\system32\LogonController.dll
2018-02-14 19:27:26 ----AC---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 19:27:25 ----AC---- C:\WINDOWS\system32\localspl.dll
2018-02-14 19:27:25 ----AC---- C:\WINDOWS\system32\fontext.dll
2018-02-14 19:27:24 ----AC---- C:\WINDOWS\system32\srcore.dll
2018-02-14 19:27:24 ----AC---- C:\WINDOWS\system32\shell32.dll
2018-02-14 19:27:24 ----AC---- C:\WINDOWS\system32\ListSvc.dll
2018-02-14 19:27:24 ----AC---- C:\WINDOWS\explorer.exe
2018-02-14 19:27:23 ----AC---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-14 19:27:22 ----AC---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-14 19:27:21 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:27:21 ----AC---- C:\WINDOWS\SYSWOW64\user.exe
2018-02-14 19:27:21 ----AC---- C:\WINDOWS\system32\mssprxy.dll
2018-02-14 19:27:20 ----AC---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:27:20 ----AC---- C:\WINDOWS\system32\mfps.dll
2018-02-14 19:27:11 ----AC---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 19:27:11 ----AC---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 19:27:11 ----AC---- C:\WINDOWS\system32\MusNotification.exe
2018-02-14 19:27:10 ----AC---- C:\WINDOWS\system32\usocore.dll
2018-02-14 19:27:10 ----AC---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 19:27:06 ----AC---- C:\WINDOWS\system32\vac.exe
2018-02-14 19:27:04 ----AC---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:27:04 ----AC---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 19:27:04 ----AC---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 19:27:03 ----AC---- C:\WINDOWS\system32\wcimage.dll
2018-02-14 19:27:03 ----AC---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 19:27:03 ----AC---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 19:27:02 ----AC---- C:\WINDOWS\system32\cldapi.dll
2018-02-14 19:27:02 ----AC---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 19:26:58 ----AC---- C:\WINDOWS\system32\winsku.dll
2018-02-14 19:26:58 ----AC---- C:\WINDOWS\system32\winresume.exe
2018-02-14 19:26:58 ----AC---- C:\WINDOWS\system32\winload.exe
2018-02-14 19:26:58 ----AC---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-14 19:26:58 ----AC---- C:\WINDOWS\system32\ci.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 19:26:57 ----AC---- C:\WINDOWS\system32\AudioEng.dll
2018-02-14 19:26:56 ----AC---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 19:26:56 ----AC---- C:\WINDOWS\system32\devinv.dll
2018-02-14 19:26:56 ----AC---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 19:26:56 ----AC---- C:\WINDOWS\system32\appraiser.dll
2018-02-14 19:26:56 ----AC---- C:\WINDOWS\system32\acmigration.dll
2018-02-14 19:26:55 ----AC---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-14 19:26:55 ----AC---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\sppobjs.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\rshx32.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\InstallService.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\efscore.dll
2018-02-14 19:26:54 ----AC---- C:\WINDOWS\system32\browserbroker.dll
2018-02-14 19:26:52 ----AC---- C:\WINDOWS\system32\wimserv.exe
2018-02-14 19:26:52 ----AC---- C:\WINDOWS\system32\wimgapi.dll
2018-02-14 19:26:51 ----AC---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-14 19:26:51 ----AC---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\usercpl.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\twext.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\shutdownux.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\netplwiz.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 19:26:50 ----AC---- C:\WINDOWS\system32\authui.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\system32\pcasvc.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\system32\generaltel.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 19:26:49 ----AC---- C:\WINDOWS\system32\aeinv.dll
2018-02-14 19:26:48 ----AC---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-14 19:26:48 ----AC---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 19:26:48 ----AC---- C:\WINDOWS\system32\dsreg.dll
2018-02-14 19:26:47 ----AC---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-14 19:26:47 ----AC---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 19:26:46 ----AC---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 19:26:46 ----AC---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-14 19:26:46 ----AC---- C:\WINDOWS\system32\sppwinob.dll
2018-02-14 19:26:44 ----AC---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-14 19:26:44 ----AC---- C:\WINDOWS\system32\mf.dll
2018-02-14 19:26:44 ----AC---- C:\WINDOWS\system32\FSClient.dll
2018-02-14 19:26:44 ----AC---- C:\WINDOWS\system32\aepic.dll
2018-02-14 19:26:43 ----AC---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 19:26:43 ----AC---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 19:26:43 ----AC---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 19:26:43 ----AC---- C:\WINDOWS\system32\dcntel.dll
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\system32\rtmpal.dll
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 19:26:42 ----AC---- C:\WINDOWS\system32\invagent.dll
2018-02-14 19:26:41 ----AC---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-14 19:26:41 ----AC---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 19:26:41 ----AC---- C:\WINDOWS\system32\KernelBase.dll
2018-02-14 19:26:41 ----AC---- C:\WINDOWS\system32\FntCache.dll
2018-02-14 19:26:40 ----AC---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-14 19:26:40 ----AC---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-14 19:26:40 ----AC---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 19:26:40 ----AC---- C:\WINDOWS\system32\pcalua.exe
2018-02-14 19:26:40 ----AC---- C:\WINDOWS\system32\aitstatic.exe
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 19:26:39 ----AC---- C:\WINDOWS\system32\efswrt.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\system32\policymanager.dll
2018-02-14 19:26:38 ----AC---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\system32\FrameServer.dll
2018-02-14 19:26:37 ----AC---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\wldp.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\wintrust.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\WebClnt.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\shsetup.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\rasgcw.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\ortcengine.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\FsIso.exe
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\edputil.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\davclnt.dll
2018-02-14 19:26:36 ----AC---- C:\WINDOWS\system32\browserexport.exe
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\wups2.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\virtdisk.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\tzres.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\regsvr32.exe
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\FontProvider.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-14 19:26:35 ----AC---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-12 07:37:58 ----D---- C:\Program Files\LibreOffice
2018-02-09 08:10:50 ----D---- C:\Users\DetialStav\AppData\Roaming\Kastner software
2018-02-09 08:10:27 ----D---- C:\ProgramData\KASTNER software
2018-02-09 08:10:27 ----D---- C:\Program Files (x86)\KASTNER software
2018-02-06 21:16:29 ----D---- C:\Users\DetialStav\AppData\Roaming\Lamantine
2018-02-06 20:59:54 ----D---- C:\Program Files (x86)\Sticky Password
2018-02-06 20:54:49 ----D---- C:\Users\DetialStav\AppData\Roaming\KeePass

======List of files/folders modified in the last 1 month======

2018-02-20 08:09:51 ----DC---- C:\Program Files\trend micro
2018-02-20 08:09:39 ----D---- C:\WINDOWS\Temp
2018-02-20 08:06:54 ----D---- C:\WINDOWS\Prefetch
2018-02-20 07:20:00 ----D---- C:\WINDOWS\system32\sru
2018-02-20 06:20:52 ----D---- C:\WINDOWS\System32
2018-02-20 06:20:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-20 06:19:34 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-20 06:17:32 ----D---- C:\WINDOWS\system32\NDF
2018-02-20 06:16:36 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-19 21:53:55 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-19 18:17:40 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-17 15:03:49 ----HD---- C:\Program Files\WindowsApps
2018-02-17 15:03:49 ----D---- C:\WINDOWS\AppReadiness
2018-02-16 22:16:47 ----D---- C:\WINDOWS\Logs
2018-02-16 17:27:12 ----DC---- C:\WINDOWS\SoftwareDistribution
2018-02-16 17:27:12 ----D---- C:\Windows
2018-02-16 07:20:44 ----D---- C:\WINDOWS\INF
2018-02-16 07:20:43 ----D---- C:\WINDOWS\debug
2018-02-16 07:03:20 ----HD---- C:\ProgramData
2018-02-16 06:55:02 ----RD---- C:\Program Files
2018-02-16 06:04:23 ----D---- C:\WINDOWS\system32\config
2018-02-15 22:11:32 ----D---- C:\WINDOWS\WinSxS
2018-02-15 22:11:32 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-15 22:08:26 ----D---- C:\WINDOWS\system32\catroot2
2018-02-15 18:42:57 ----D---- C:\WINDOWS\rescache
2018-02-15 15:39:57 ----SHD---- C:\System Volume Information
2018-02-15 14:03:11 ----D---- C:\WINDOWS\system32\drivers
2018-02-15 14:01:43 ----D---- C:\WINDOWS\TextInput
2018-02-15 14:01:43 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-15 14:01:43 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-15 14:01:43 ----D---- C:\WINDOWS\SysWOW64
2018-02-15 14:01:42 ----D---- C:\WINDOWS\system32\wbem
2018-02-15 14:01:42 ----D---- C:\WINDOWS\system32\oobe
2018-02-15 14:01:42 ----D---- C:\WINDOWS\system32\migration
2018-02-15 14:01:42 ----D---- C:\WINDOWS\system32\Boot
2018-02-15 14:01:42 ----D---- C:\WINDOWS\system32\appraiser
2018-02-15 14:01:41 ----D---- C:\WINDOWS\ShellExperiences
2018-02-15 14:01:40 ----D---- C:\WINDOWS\bcastdvr
2018-02-15 14:01:40 ----D---- C:\WINDOWS\apppatch
2018-02-15 14:01:28 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-14 19:38:17 ----DC---- C:\WINDOWS\system32\MRT
2018-02-14 19:38:11 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 19:38:03 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-14 19:37:51 ----SHD---- C:\WINDOWS\Installer
2018-02-14 19:30:56 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2018-02-14 18:39:11 ----D---- C:\WINDOWS\CbsTemp
2018-02-13 18:13:01 ----D---- C:\WINDOWS\system32\Tasks
2018-02-12 15:21:08 ----ADC---- C:\Program Files (x86)\OpenOffice 4
2018-02-12 15:17:57 ----DC---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-12 15:17:57 ----ADC---- C:\Program Files (x86)\Mozilla Firefox
2018-02-12 07:38:02 ----RSD---- C:\WINDOWS\Fonts
2018-02-12 07:26:31 ----RD---- C:\WINDOWS\assembly
2018-02-09 08:10:27 ----RD---- C:\Program Files (x86)
2018-02-07 00:19:59 ----D---- C:\WINDOWS\system32\Macromed
2018-02-07 00:19:55 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-02-06 03:49:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-01 07:41:01 ----ADC---- C:\Program Files (x86)\PROFIT
2018-01-25 18:07:49 ----D---- C:\Users\DetialStav\AppData\Roaming\STORMWARE
2018-01-24 18:58:47 ----C---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 MBI;@oem23.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-11-19 41464]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 MpKsl174441b4;MpKsl174441b4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3EB2D161-8BF1-419E-9BC4-504A59DCB5AB}\MpKsl174441b4.sys [2018-02-20 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 GPIO;@oem6.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-11-16 59840]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-07-03 4515584]
R3 IntcDAud;@oem15.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem20.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 netr28x;@netr28x.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\System32\drivers\netr28x.sys [2017-09-29 2537984]
R3 RSP2STOR;@oem17.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-06-29 310528]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
R3 rtbth;@oem22.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-06-03 1219200]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2017-09-29 13312]
R3 SynTP;@oem10.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2017-08-18 716384]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-10-25 45464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-02-10 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 h647906;DragonRise HID7906 AMD64 Driver; C:\WINDOWS\system32\drivers\h647906.sys [2008-12-01 62576]
S3 hid7906;DragonRise HID7906 x86 Driver; C:\WINDOWS\system32\drivers\hid7906.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 intaud_WaveExtensible;@oem16.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-01-17 83984]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2015-07-03 106952]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_a8303fe;Uživatelská služba platformy připojených zařízení_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2017-02-21 121344]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 OneSyncSvc_a8303fe;Hostitel synchronizace_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [2011-03-31 375872]
R2 RalinkRegistryWriter64;RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [2011-03-31 454208]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-07-03 303360]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-08-18 278616]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_a8303fe;Data kontaktů_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_a8303fe;Tok zařízení_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-04-05 1595400]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-30 153752]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-04-18 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_a8303fe;Služba zasílání zpráv_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-09 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_a8303fe;PrintWorkflow_a8303fe; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RaMediaServer;RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [2011-03-04 621632]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-10-31 1641248]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-09-29 302592]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------
:oops:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

gastrotop
Návštěvník
Návštěvník
Příspěvky: 141
Registrován: 16 zář 2006 15:40

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#3 Příspěvek od gastrotop »

# AdwCleaner 7.0.8.0 - Logfile created on Tue Feb 20 14:51:10 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2018/2/20 14:50:45]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
:oops:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

gastrotop
Návštěvník
Návštěvník
Příspěvky: 141
Registrován: 16 zář 2006 15:40

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#5 Příspěvek od gastrotop »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018
Ran by DetialStav (administrator) on DESKTOP-LDKMV3C (20-02-2018 16:06:20)
Running from C:\Users\DetialStav\Desktop
Loaded Profiles: DetialStav (Available Profiles: defaultuser0 & DetialStav)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
() C:\Windows\USB Vibration\7906\USB Gamepad.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(forum.viry.cz) C:\Users\DetialStav\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8505088 2015-07-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-07-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB Gamepad] => C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] ()
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [64512 2017-11-27] (Lamantine Software a.s.)
HKU\S-1-5-21-696771267-3938895601-123810913-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2017-09-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2017-01-19]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.168.208.20 217.168.208.21
Tcpip\..\Interfaces\{e5647106-bb82-473b-8284-4a85a2cecd9a}: [DhcpNameServer] 217.168.208.20 217.168.208.21

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: co5tb96t.default
FF ProfilePath: C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default [2018-02-20]
FF Homepage: Mozilla\Firefox\Profiles\co5tb96t.default -> http://www.seznam.cz
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-23] [Legacy]
FF Extension: (FormApps Extension) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2017-08-21]
FF Extension: (Sticky Password extension) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2018-02-07]
FF Extension: (YouTube Video and Audio Downloader (Dev Edt.)) - C:\Users\DetialStav\AppData\Roaming\Mozilla\Firefox\Profiles\co5tb96t.default\Extensions\{f73df109-8fb4-453e-8373-f59e61ca4da3}.xpi [2018-02-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-696771267-3938895601-123810913-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\DetialStav\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)

Chrome:
=======
CHR Profile: C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default [2018-02-20]
CHR Extension: (Prezentace) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Dokumenty) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Disk Google) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-30]
CHR Extension: (YouTube) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-30]
CHR Extension: (Tabulky) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-09]
CHR Extension: (FormApps Extension) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-11-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-09]
CHR Extension: (Gmail) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\DetialStav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-09]
CHR HKU\S-1-5-21-696771267-3938895601-123810913-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [121344 2017-02-21] (Dassault Systèmes) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-04-18] (HP)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-07-03] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [59840 2015-11-16] (Intel Corporation)
S3 h647906; C:\WINDOWS\System32\drivers\h647906.sys [62576 2008-12-01] (Your Corporation)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [41096 2008-12-01] (Your Corporation)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [41464 2015-11-19] (Intel(R) Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [148240 2015-10-13] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30392 2017-04-25] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-20 16:06 - 2018-02-20 16:06 - 000012758 ____C C:\Users\DetialStav\Desktop\FRST.txt
2018-02-20 16:05 - 2018-02-20 16:06 - 000000000 ___DC C:\FRST
2018-02-20 16:04 - 2018-02-20 16:04 - 002403328 _____ (Farbar) C:\Users\DetialStav\Desktop\FRST64.exe
2018-02-20 16:02 - 2018-02-20 16:02 - 000112640 _____ (forum.viry.cz) C:\Users\DetialStav\Desktop\FRSTLauncher.exe
2018-02-20 15:51 - 2018-02-20 15:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-20 15:47 - 2018-02-20 15:50 - 000000000 ___DC C:\AdwCleaner
2018-02-20 15:46 - 2018-02-20 15:46 - 008222496 _____ (Malwarebytes) C:\Users\DetialStav\Desktop\adwcleaner_7.0.8.0.exe
2018-02-20 08:09 - 2018-02-20 08:09 - 001222144 _____ C:\Users\DetialStav\Desktop\RSITx64.exe
2018-02-20 08:00 - 2018-02-20 08:00 - 000237935 _____ C:\Users\DetialStav\Desktop\Ceník-Neotax-sro.xlsx.pdf
2018-02-20 07:57 - 2018-02-20 07:57 - 000336710 _____ C:\Users\DetialStav\Desktop\Odklad.pdf
2018-02-18 10:34 - 2018-02-18 10:34 - 000688658 _____ C:\Users\DetialStav\Desktop\CN-2018-02-18-6636-Gametall.pdf
2018-02-18 09:29 - 2018-02-18 18:59 - 000000000 ___DC C:\Users\DetialStav\Desktop\požár
2018-02-16 17:27 - 2018-02-16 17:27 - 000106201 _____ C:\Users\DetialStav\Desktop\549515216_0_RocniVypisROS.pdf
2018-02-16 07:05 - 2018-02-16 07:05 - 000000000 ____D C:\Users\DetialStav\.CEWE FOTOIMPORTER
2018-02-16 07:04 - 2018-02-16 07:04 - 000000000 ____D C:\Users\DetialStav\.CEWE prezentace
2018-02-16 07:03 - 2018-02-20 15:59 - 000000000 ____D C:\ProgramData\tmp
2018-02-16 07:03 - 2018-02-20 15:59 - 000000000 ____D C:\ProgramData\hps
2018-02-16 07:03 - 2018-02-16 07:03 - 000000000 ____D C:\Users\DetialStav\AppData\Local\dm CEWE fotosvet
2018-02-16 07:03 - 2018-02-16 07:03 - 000000000 ____D C:\Users\DetialStav\.QtWebEngineProcess
2018-02-16 07:03 - 2018-02-16 07:03 - 000000000 ____D C:\Users\DetialStav\.dm CEWE fotosvet
2018-02-16 07:02 - 2018-02-16 07:02 - 000001041 ____C C:\Users\Public\Desktop\CEWE FOTOIMPORTER.lnk
2018-02-16 07:02 - 2018-02-16 07:02 - 000001036 ____C C:\Users\Public\Desktop\dm CEWE fotosvet.lnk
2018-02-16 07:02 - 2018-02-16 07:02 - 000001031 ____C C:\Users\Public\Desktop\CEWE prezentace.lnk
2018-02-16 07:02 - 2018-02-16 07:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dm CEWE fotosvet
2018-02-16 06:55 - 2018-02-16 06:55 - 000000000 ____D C:\Program Files\dm
2018-02-16 06:54 - 2018-02-16 06:54 - 001646176 _____ C:\Users\DetialStav\Downloads\setup_dm_CEWE_fotosvet.exe
2018-02-15 14:46 - 2018-02-15 14:46 - 000464507 _____ C:\Users\DetialStav\Desktop\Informační e-mail.pdf
2018-02-15 07:43 - 2018-02-15 07:43 - 000152410 _____ C:\Users\DetialStav\Desktop\Příloha_Králová.pdf
2018-02-14 19:28 - 2018-02-10 07:20 - 000599448 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-14 19:28 - 2018-02-10 07:20 - 000077208 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-14 19:28 - 2018-02-10 07:15 - 001954048 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-14 19:28 - 2018-02-10 07:15 - 000471968 ____C (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-14 19:28 - 2018-02-10 07:13 - 001416392 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-14 19:28 - 2018-02-10 07:13 - 000408984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-02-14 19:28 - 2018-02-10 07:13 - 000373656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-14 19:28 - 2018-02-10 07:10 - 000749976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-14 19:28 - 2018-02-10 07:10 - 000154520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 19:28 - 2018-02-10 07:09 - 000755712 ____C (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-14 19:28 - 2018-02-10 07:09 - 000075160 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 19:28 - 2018-02-10 07:06 - 000727448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-14 19:28 - 2018-02-10 07:06 - 000362904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-14 19:28 - 2018-02-10 07:06 - 000100248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 19:28 - 2018-02-10 07:05 - 000688064 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 19:28 - 2018-02-10 07:04 - 001430760 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-14 19:28 - 2018-02-10 07:04 - 000093592 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-14 19:28 - 2018-02-10 06:21 - 001615712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-14 19:28 - 2018-02-10 06:17 - 000597160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-14 19:28 - 2018-02-10 06:17 - 000542856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-14 19:28 - 2018-02-10 06:09 - 002338776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-14 19:28 - 2018-02-10 06:09 - 001123456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-14 19:28 - 2018-02-10 06:08 - 003980720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-14 19:28 - 2018-02-10 06:08 - 002193168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-14 19:28 - 2018-02-10 06:07 - 000543920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-14 19:28 - 2018-02-10 06:07 - 000527864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-14 19:28 - 2018-02-10 06:07 - 000123808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-14 19:28 - 2018-02-10 06:07 - 000089504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 19:28 - 2018-02-10 06:07 - 000083216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-14 19:28 - 2018-02-10 06:05 - 001149272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-14 19:28 - 2018-02-10 06:05 - 000662208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-14 19:28 - 2018-02-10 06:05 - 000386424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-14 19:28 - 2018-02-10 06:05 - 000129184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-14 19:28 - 2018-02-10 06:05 - 000074992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-14 19:28 - 2018-02-10 05:49 - 000385536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-14 19:28 - 2018-02-10 05:47 - 017160704 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 19:28 - 2018-02-10 05:47 - 013704192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-14 19:28 - 2018-02-10 05:47 - 000201728 ____C (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 19:28 - 2018-02-10 05:46 - 002902528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-14 19:28 - 2018-02-10 05:46 - 002393600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-14 19:28 - 2018-02-10 05:46 - 000344576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-14 19:28 - 2018-02-10 05:46 - 000169472 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 19:28 - 2018-02-10 05:46 - 000018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:45 - 000288768 ____C (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-14 19:28 - 2018-02-10 05:45 - 000043008 ____C (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000800768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-14 19:28 - 2018-02-10 05:44 - 000427008 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000336896 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000276480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000208384 ____C (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000155648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-14 19:28 - 2018-02-10 05:44 - 000059392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 018923008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 000394752 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-14 19:28 - 2018-02-10 05:43 - 000391168 ____C (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 000311808 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 000268288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 000147456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:28 - 2018-02-10 05:43 - 000013312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 001216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 000975872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 000731136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-14 19:28 - 2018-02-10 05:42 - 000397824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 000236032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 000233984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-14 19:28 - 2018-02-10 05:42 - 000228352 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 19:28 - 2018-02-10 05:42 - 000225280 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 19:28 - 2018-02-10 05:42 - 000078336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 019352576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000820224 ____C (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000815616 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000451072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000377856 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 19:28 - 2018-02-10 05:41 - 000369152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000365568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-14 19:28 - 2018-02-10 05:41 - 000063488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 003405824 ____C (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 001234432 ____C (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000940544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000756736 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000559104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000499200 ____C (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000343040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-14 19:28 - 2018-02-10 05:40 - 000195072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 011925504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 004748288 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 002677760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 002490880 ____C (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 001669120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 000680960 ____C (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 000658432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 000648704 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 000462848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-14 19:28 - 2018-02-10 05:39 - 000447488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-14 19:28 - 2018-02-10 05:38 - 006722560 ____C (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-14 19:28 - 2018-02-10 05:38 - 002184192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-14 19:28 - 2018-02-10 05:38 - 002082304 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-14 19:28 - 2018-02-10 05:38 - 000982016 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 19:28 - 2018-02-10 05:38 - 000668160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-14 19:28 - 2018-02-10 05:38 - 000653312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-14 19:28 - 2018-02-10 05:38 - 000462336 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-14 19:28 - 2018-02-10 05:38 - 000324608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-14 19:28 - 2018-02-10 05:37 - 003678720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 003578368 ____C (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 002523648 ____C (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 001822208 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 001488384 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 000365568 ____C (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-14 19:28 - 2018-02-10 05:37 - 000199680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-14 19:28 - 2018-02-10 05:36 - 006031360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 002859520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 002462208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 001759744 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 001559552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 001342464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 000666624 ____C (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-14 19:28 - 2018-02-10 05:36 - 000559104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-14 19:28 - 2018-02-10 05:35 - 002413568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-14 19:28 - 2018-02-10 05:35 - 002349568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-14 19:28 - 2018-02-10 05:35 - 002013184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-14 19:28 - 2018-02-10 05:35 - 000963584 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-14 19:28 - 2018-02-10 05:35 - 000826880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-14 19:28 - 2018-02-10 05:35 - 000332288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-14 19:28 - 2018-02-10 05:34 - 006532096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-14 19:28 - 2018-02-10 05:34 - 004249600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-14 19:28 - 2018-02-10 05:34 - 002983936 ____C (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 19:28 - 2018-02-10 05:34 - 000111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:33 - 001936384 ____C (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-14 19:28 - 2018-02-10 05:33 - 000621568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:28 - 2018-02-10 05:33 - 000620544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:28 - 2018-02-10 05:33 - 000604672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:28 - 2018-02-10 05:33 - 000341504 ____C (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-14 19:28 - 2018-02-10 05:32 - 002427904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-14 19:28 - 2018-02-10 05:32 - 000681472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-14 19:28 - 2018-02-10 05:32 - 000392704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-14 19:28 - 2018-02-10 05:32 - 000056832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:28 - 2018-02-10 05:31 - 001488896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-14 19:28 - 2018-02-10 05:31 - 000301056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-14 19:27 - 2018-02-10 07:21 - 000279456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-14 19:27 - 2018-02-10 07:20 - 001206680 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-14 19:27 - 2018-02-10 07:20 - 001055640 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-14 19:27 - 2018-02-10 07:18 - 001193192 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 19:27 - 2018-02-10 07:18 - 000319864 ____C (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-14 19:27 - 2018-02-10 07:16 - 008603032 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 19:27 - 2018-02-10 07:16 - 002406456 ____C (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 19:27 - 2018-02-10 07:16 - 000739696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-14 19:27 - 2018-02-10 07:14 - 004504464 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-14 19:27 - 2018-02-10 07:14 - 002395032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-14 19:27 - 2018-02-10 07:12 - 004537040 ____C (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-14 19:27 - 2018-02-10 07:12 - 001313016 ____C (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 19:27 - 2018-02-10 07:12 - 001277848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-14 19:27 - 2018-02-10 07:12 - 000712600 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-14 19:27 - 2018-02-10 07:10 - 000614160 ____C (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 19:27 - 2018-02-10 07:09 - 003904296 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-14 19:27 - 2018-02-10 07:08 - 021351624 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-14 19:27 - 2018-02-10 07:08 - 007675784 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-14 19:27 - 2018-02-10 07:08 - 003010248 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-14 19:27 - 2018-02-10 07:08 - 002574232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-14 19:27 - 2018-02-10 07:08 - 000096200 ____C (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-14 19:27 - 2018-02-10 07:08 - 000048112 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-14 19:27 - 2018-02-10 07:07 - 004506576 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-14 19:27 - 2018-02-10 07:07 - 002710728 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-14 19:27 - 2018-02-10 07:06 - 004486904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 19:27 - 2018-02-10 07:06 - 000824896 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 19:27 - 2018-02-10 07:06 - 000494488 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-14 19:27 - 2018-02-10 07:06 - 000087384 ____C (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 19:27 - 2018-02-10 07:05 - 000413888 ____C (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 19:27 - 2018-02-10 07:05 - 000097176 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-14 19:27 - 2018-02-10 07:04 - 007384576 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:27 - 2018-02-10 07:04 - 006791984 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 19:27 - 2018-02-10 07:04 - 001254144 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-14 19:27 - 2018-02-10 07:04 - 001170008 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-14 19:27 - 2018-02-10 07:04 - 000614296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-14 19:27 - 2018-02-10 07:04 - 000603920 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-14 19:27 - 2018-02-10 07:04 - 000374032 ____C (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-14 19:27 - 2018-02-10 07:04 - 000260896 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-14 19:27 - 2018-02-10 07:03 - 000404888 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 19:27 - 2018-02-10 07:02 - 002773400 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-14 19:27 - 2018-02-10 07:02 - 001103768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-14 19:27 - 2018-02-10 07:02 - 000617304 ____C (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 19:27 - 2018-02-10 06:17 - 002255112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-14 19:27 - 2018-02-10 06:12 - 004382032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-14 19:27 - 2018-02-10 06:11 - 001250528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-14 19:27 - 2018-02-10 06:09 - 006092152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-14 19:27 - 2018-02-10 06:09 - 003485392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-14 19:27 - 2018-02-10 06:07 - 025253376 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-14 19:27 - 2018-02-10 06:07 - 020286120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-14 19:27 - 2018-02-10 06:06 - 006481640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:27 - 2018-02-10 06:06 - 006014688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-14 19:27 - 2018-02-10 06:06 - 004670728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-14 19:27 - 2018-02-10 06:06 - 000982528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-14 19:27 - 2018-02-10 06:05 - 000077552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-14 19:27 - 2018-02-10 05:50 - 003665408 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-14 19:27 - 2018-02-10 05:50 - 001294848 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-14 19:27 - 2018-02-10 05:50 - 000849920 ____C (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-14 19:27 - 2018-02-10 05:49 - 000536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-14 19:27 - 2018-02-10 05:49 - 000329728 ____C (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-14 19:27 - 2018-02-10 05:49 - 000326656 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-14 19:27 - 2018-02-10 05:49 - 000232960 ____C (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-14 19:27 - 2018-02-10 05:47 - 000201216 ____C (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 19:27 - 2018-02-10 05:47 - 000143872 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-14 19:27 - 2018-02-10 05:47 - 000043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-14 19:27 - 2018-02-10 05:46 - 000225792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-14 19:27 - 2018-02-10 05:46 - 000173568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:27 - 2018-02-10 05:46 - 000004608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-14 19:27 - 2018-02-10 05:45 - 007545344 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-14 19:27 - 2018-02-10 05:45 - 000115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 19:27 - 2018-02-10 05:45 - 000093696 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-14 19:27 - 2018-02-10 05:45 - 000079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-14 19:27 - 2018-02-10 05:45 - 000066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-14 19:27 - 2018-02-10 05:44 - 001498112 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 19:27 - 2018-02-10 05:44 - 000539136 ____C (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 19:27 - 2018-02-10 05:44 - 000503296 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 19:27 - 2018-02-10 05:44 - 000431616 ____C (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-14 19:27 - 2018-02-10 05:44 - 000388608 ____C (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 008020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 006466560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 003756032 ____C (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000580608 ____C (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000570368 ____C (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000566272 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000456704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000086528 ____C (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-14 19:27 - 2018-02-10 05:43 - 000084480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 023671808 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 001425408 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 001113600 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 19:27 - 2018-02-10 05:42 - 001015296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-02-14 19:27 - 2018-02-10 05:42 - 000813568 ____C (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 000792064 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 000708096 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 000403968 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 000270336 ____C (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-14 19:27 - 2018-02-10 05:42 - 000035328 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-14 19:27 - 2018-02-10 05:41 - 001495552 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 19:27 - 2018-02-10 05:41 - 000859648 ____C (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-14 19:27 - 2018-02-10 05:41 - 000721408 ____C (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-14 19:27 - 2018-02-10 05:41 - 000504832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-14 19:27 - 2018-02-10 05:41 - 000401408 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-14 19:27 - 2018-02-10 05:41 - 000288768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 012831744 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 008110080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 004113408 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 003367936 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 002873344 ____C (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 001002496 ____C (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000939520 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000930816 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000886784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-14 19:27 - 2018-02-10 05:40 - 000601088 ____C (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000508416 ____C (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-14 19:27 - 2018-02-10 05:40 - 000463360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-14 19:27 - 2018-02-10 05:40 - 000421376 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000386560 ____C (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-14 19:27 - 2018-02-10 05:40 - 000366080 ____C (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 005500928 ____C (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 004592640 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 002976256 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 002741248 ____C (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 002209280 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 000908800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 000721920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 000621056 ____C (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-14 19:27 - 2018-02-10 05:39 - 000346112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 006567936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 005833216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 004815360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 003334144 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 003169280 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 003125760 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 002857984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 002086400 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-14 19:27 - 2018-02-10 05:38 - 001597952 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 001547776 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 001228800 ____C (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 001167360 ____C (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 001166336 ____C (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 001057792 ____C (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000939520 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000885248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000863744 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000755712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-14 19:27 - 2018-02-10 05:38 - 000699904 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000556544 ____C (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000524800 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000509440 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000506880 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-14 19:27 - 2018-02-10 05:38 - 000401920 ____C (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 004839424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 004772352 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 003287040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 002784256 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000965632 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000862208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000456704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000417792 ____C (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000308224 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 19:27 - 2018-02-10 05:37 - 000198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 002869760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 002464768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 002035712 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 001739264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 000695296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 000685056 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 000599552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 000576512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-14 19:27 - 2018-02-10 05:36 - 000383488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 005388800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 004384768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 002814976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 001474560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000943104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000941568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000918528 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000862208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000842240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000796160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000433664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000402944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-14 19:27 - 2018-02-10 05:35 - 000329728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-14 19:27 - 2018-02-10 05:34 - 000624640 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 19:27 - 2018-02-10 05:34 - 000433152 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 19:27 - 2018-02-10 05:33 - 001661440 ____C (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-14 19:27 - 2018-02-10 05:33 - 001557504 ____C (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-14 19:27 - 2018-02-10 05:33 - 001509888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-14 19:27 - 2018-02-10 05:33 - 000482816 ____C (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-14 19:27 - 2018-02-10 05:33 - 000266752 ____C (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-14 19:27 - 2018-02-10 05:33 - 000125952 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 19:27 - 2018-02-10 05:31 - 001159680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-14 19:26 - 2018-02-10 07:24 - 000270744 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-14 19:26 - 2018-02-10 07:23 - 001577880 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-14 19:26 - 2018-02-10 07:23 - 000758168 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-14 19:26 - 2018-02-10 07:23 - 000613272 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-14 19:26 - 2018-02-10 07:23 - 000138136 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 19:26 - 2018-02-10 07:22 - 002003352 ____C (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-14 19:26 - 2018-02-10 07:22 - 000662936 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-14 19:26 - 2018-02-10 07:22 - 000460696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-14 19:26 - 2018-02-10 07:22 - 000387480 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-14 19:26 - 2018-02-10 07:22 - 000272800 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-14 19:26 - 2018-02-10 07:22 - 000070040 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 19:26 - 2018-02-10 07:22 - 000035224 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 19:26 - 2018-02-10 07:21 - 001092016 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-14 19:26 - 2018-02-10 07:21 - 000479912 ____C (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 19:26 - 2018-02-10 07:20 - 000924648 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-14 19:26 - 2018-02-10 07:19 - 001133888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 19:26 - 2018-02-10 07:18 - 000098272 ____C (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-02-14 19:26 - 2018-02-10 07:18 - 000022400 ____C (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 19:26 - 2018-02-10 07:17 - 001209240 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-14 19:26 - 2018-02-10 07:15 - 002514944 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-02-14 19:26 - 2018-02-10 07:15 - 001415296 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-14 19:26 - 2018-02-10 07:14 - 001002592 ____C (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 19:26 - 2018-02-10 07:13 - 000535960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-14 19:26 - 2018-02-10 07:11 - 001029528 ____C (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-14 19:26 - 2018-02-10 07:11 - 000711432 ____C (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-14 19:26 - 2018-02-10 07:11 - 000677784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-14 19:26 - 2018-02-10 07:11 - 000494496 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-14 19:26 - 2018-02-10 07:10 - 002447768 ____C (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 19:26 - 2018-02-10 07:10 - 000246168 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-14 19:26 - 2018-02-10 07:09 - 000525208 ____C (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-14 19:26 - 2018-02-10 07:09 - 000491264 ____C (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-02-14 19:26 - 2018-02-10 07:08 - 000687552 ____C (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 19:26 - 2018-02-10 07:08 - 000398824 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 19:26 - 2018-02-10 07:07 - 000705944 ____C (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-14 19:26 - 2018-02-10 07:07 - 000436632 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 19:26 - 2018-02-10 07:06 - 000594048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-02-14 19:26 - 2018-02-10 07:06 - 000519144 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 19:26 - 2018-02-10 07:06 - 000356952 ____C (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-14 19:26 - 2018-02-10 07:06 - 000189336 ____C (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 19:26 - 2018-02-10 07:05 - 000070856 ____C (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-14 19:26 - 2018-02-10 07:04 - 001426672 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-14 19:26 - 2018-02-10 07:04 - 000339872 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 19:26 - 2018-02-10 07:04 - 000212880 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 19:26 - 2018-02-10 07:03 - 001619808 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-14 19:26 - 2018-02-10 07:03 - 000849304 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 19:26 - 2018-02-10 07:03 - 000722616 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-14 19:26 - 2018-02-10 07:03 - 000706600 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 19:26 - 2018-02-10 07:03 - 000098712 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 19:26 - 2018-02-10 07:02 - 000628632 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 19:26 - 2018-02-10 06:22 - 001930224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-02-14 19:26 - 2018-02-10 06:18 - 001384288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-02-14 19:26 - 2018-02-10 06:17 - 000211864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-14 19:26 - 2018-02-10 06:15 - 001145624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-14 19:26 - 2018-02-10 06:10 - 000422592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-02-14 19:26 - 2018-02-10 06:09 - 000559976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-14 19:26 - 2018-02-10 06:09 - 000354200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-14 19:26 - 2018-02-10 06:08 - 000592792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-14 19:26 - 2018-02-10 06:07 - 000284112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-14 19:26 - 2018-02-10 06:07 - 000061024 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 001246432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 000718232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 000654456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 000551672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 000193248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-02-14 19:26 - 2018-02-10 06:05 - 000079256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-02-14 19:26 - 2018-02-10 06:03 - 000505160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-14 19:26 - 2018-02-10 05:50 - 001313792 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-14 19:26 - 2018-02-10 05:50 - 000496128 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 19:26 - 2018-02-10 05:49 - 001664512 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 19:26 - 2018-02-10 05:49 - 000848896 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 19:26 - 2018-02-10 05:49 - 000211456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 19:26 - 2018-02-10 05:49 - 000107520 ____C (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 19:26 - 2018-02-10 05:48 - 002890240 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 19:26 - 2018-02-10 05:48 - 000033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-02-14 19:26 - 2018-02-10 05:48 - 000025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 19:26 - 2018-02-10 05:47 - 000331264 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-02-14 19:26 - 2018-02-10 05:47 - 000140800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 19:26 - 2018-02-10 05:47 - 000055808 ____C (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-02-14 19:26 - 2018-02-10 05:47 - 000046080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-14 19:26 - 2018-02-10 05:47 - 000033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-02-14 19:26 - 2018-02-10 05:47 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 001470976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 001008640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 000199168 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 000162304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 000135680 ____C (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 000082432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 19:26 - 2018-02-10 05:46 - 000026112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-02-14 19:26 - 2018-02-10 05:45 - 000675328 ____C (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 19:26 - 2018-02-10 05:45 - 000306688 ____C (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-14 19:26 - 2018-02-10 05:45 - 000288256 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-14 19:26 - 2018-02-10 05:45 - 000016384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 19:26 - 2018-02-10 05:44 - 000579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 19:26 - 2018-02-10 05:44 - 000302592 ____C (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 19:26 - 2018-02-10 05:44 - 000276992 ____C (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-14 19:26 - 2018-02-10 05:44 - 000048640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-02-14 19:26 - 2018-02-10 05:44 - 000002560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-14 19:26 - 2018-02-10 05:43 - 000247296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-14 19:26 - 2018-02-10 05:43 - 000181248 ____C (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-14 19:26 - 2018-02-10 05:43 - 000110080 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-02-14 19:26 - 2018-02-10 05:43 - 000106496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000950784 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000837632 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000634880 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000459776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000286720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000234496 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000184832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000160768 ____C (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000160256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000130048 ____C (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000112640 ____C (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000098304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-14 19:26 - 2018-02-10 05:42 - 000024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-02-14 19:26 - 2018-02-10 05:41 - 000466432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-02-14 19:26 - 2018-02-10 05:41 - 000405504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-14 19:26 - 2018-02-10 05:41 - 000255488 ____C (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-02-14 19:26 - 2018-02-10 05:41 - 000221184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-14 19:26 - 2018-02-10 05:41 - 000124928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 004498432 ____C (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 19:26 - 2018-02-10 05:40 - 000856576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 000691200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 000526336 ____C (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 000298496 ____C (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 000232960 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-02-14 19:26 - 2018-02-10 05:40 - 000177152 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 19:26 - 2018-02-10 05:39 - 000315904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-02-14 19:26 - 2018-02-10 05:39 - 000157696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-14 19:26 - 2018-02-10 05:39 - 000096256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-14 19:26 - 2018-02-10 05:39 - 000020992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-02-14 19:26 - 2018-02-10 05:38 - 001968640 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-02-14 19:26 - 2018-02-10 05:38 - 001353728 ____C (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-14 19:26 - 2018-02-10 05:38 - 000598528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:26 - 2018-02-10 05:38 - 000174592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-02-14 19:26 - 2018-02-10 05:37 - 003419136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-14 19:26 - 2018-02-10 05:36 - 001230848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-14 19:26 - 2018-02-10 05:36 - 000915968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-14 19:26 - 2018-02-10 05:36 - 000403968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-02-14 19:26 - 2018-02-10 05:36 - 000141824 ____C (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-02-14 19:26 - 2018-02-10 05:36 - 000076288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-14 19:26 - 2018-02-10 05:35 - 000667136 ____C (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-02-14 19:26 - 2018-02-10 05:35 - 000455680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-14 19:26 - 2018-02-10 05:34 - 000464384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 19:26 - 2018-02-10 05:33 - 001570816 ____C (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 19:26 - 2018-02-10 05:33 - 000217088 ____C (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-02-14 19:26 - 2018-02-10 05:33 - 000093696 ____C (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-02-14 19:26 - 2018-02-10 05:32 - 000073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-02-14 19:26 - 2018-02-10 05:32 - 000050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-02-14 19:26 - 2018-02-10 05:31 - 000190464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-02-14 19:26 - 2018-02-10 05:31 - 000078848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-02-14 19:26 - 2018-02-09 04:35 - 004959688 ____C (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 19:26 - 2018-02-09 04:35 - 001234888 ____C (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-14 19:26 - 2018-02-09 04:35 - 001002952 ____C (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 19:26 - 2018-02-09 04:35 - 000892872 ____C (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-14 19:26 - 2018-02-09 04:35 - 000065992 ____C (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 19:26 - 2018-02-02 04:36 - 003903944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-14 19:26 - 2018-02-02 04:36 - 000921032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-14 19:26 - 2018-02-02 04:36 - 000854976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-14 19:26 - 2018-02-02 04:36 - 000649672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-14 19:26 - 2018-02-02 04:36 - 000054720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-14 15:35 - 2018-02-14 15:35 - 000262354 ____C C:\Users\DetialStav\Desktop\Kalkulace_20180214.pdf
2018-02-14 08:03 - 2018-02-14 08:03 - 000020131 ____C C:\Users\DetialStav\Desktop\kalkulace_dip.odt
2018-02-14 07:21 - 2018-02-14 07:21 - 000328436 _____ C:\Users\DetialStav\Downloads\ACFrOgBEb2vzY08Cg3eB6q3kvkfLnFYOEfJtf_J11Y8lrHLa426Orla_Kh5hVdCRvUlqIR6i8oZcxyBhxARr5F-Kl25ZzRU0AmaTTAAFFbZo3f98wjL1gAcf9vg9WbI=.pdf
2018-02-13 21:01 - 2018-02-13 21:01 - 040040429 _____ C:\Users\DetialStav\Downloads\easycardcreator_free_setup.exe
2018-02-13 21:00 - 2018-02-13 21:00 - 000951104 _____ C:\Users\DetialStav\Downloads\Vizitka_17_05_CZ.zip
2018-02-13 20:56 - 2018-02-13 20:58 - 316035665 _____ C:\Users\DetialStav\Downloads\BusinessCardShop500.dmg
2018-02-13 18:27 - 2018-02-13 18:27 - 000300601 _____ C:\Users\DetialStav\Downloads\TL-GOREPOX-CLEAR-G.pdf
2018-02-13 07:16 - 2018-02-13 07:38 - 000000000 ___DC C:\Users\DetialStav\Desktop\právník
2018-02-12 17:45 - 2018-02-12 17:45 - 000467482 _____ C:\Users\DetialStav\Desktop\Dražební vyhláška NV - elektronická dražba-2017-09-26-18-56-17.pdf
2018-02-12 12:30 - 2018-02-12 12:30 - 000066706 _____ C:\Users\DetialStav\Desktop\547582600_0_00111062_usp_0305_1800959933.pdf
2018-02-12 07:38 - 2018-02-12 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
2018-02-12 07:37 - 2018-02-12 07:38 - 000000000 ____D C:\Program Files\LibreOffice
2018-02-12 07:34 - 2018-02-12 07:35 - 274030592 _____ C:\Users\DetialStav\Downloads\LibreOffice_6.0.0_Win_x64.msi
2018-02-12 07:21 - 2018-02-12 07:21 - 128658532 _____ C:\Users\DetialStav\Downloads\Apache_OpenOffice_4.1.4_Win_x86_install_cs.exe
2018-02-12 07:21 - 2018-02-12 07:21 - 000000000 ___DC C:\Users\DetialStav\Documents\OpenOffice 4.1.4 (cs) Installation Files
2018-02-10 19:57 - 2018-02-10 20:02 - 000000000 ___DC C:\Users\DetialStav\Desktop\pája
2018-02-09 15:43 - 2018-02-09 16:32 - 000000000 ___DC C:\Users\DetialStav\Desktop\KB
2018-02-09 08:10 - 2018-02-09 08:10 - 000000000 ____D C:\Users\DetialStav\AppData\Roaming\Kastner software
2018-02-09 08:10 - 2018-02-09 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FORM studio
2018-02-09 08:10 - 2018-02-09 08:10 - 000000000 ____D C:\ProgramData\KASTNER software
2018-02-09 08:10 - 2018-02-09 08:10 - 000000000 ____D C:\Program Files (x86)\KASTNER software
2018-02-08 15:40 - 2018-02-19 07:04 - 000000000 ___DC C:\Users\DetialStav\Desktop\Janskeho
2018-02-06 21:16 - 2018-02-06 21:16 - 000000000 ____D C:\Users\DetialStav\AppData\Roaming\Lamantine
2018-02-06 21:00 - 2018-02-20 08:08 - 000000000 __SDC C:\Users\DetialStav\Documents\Sticky Passwords
2018-02-06 21:00 - 2018-02-06 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Password
2018-02-06 20:59 - 2018-02-06 21:00 - 000000000 ____D C:\Program Files (x86)\Sticky Password
2018-02-06 20:59 - 2018-02-06 20:59 - 037569568 _____ (Lamantine Software ) C:\Users\DetialStav\Downloads\StickyPassword_rev810103.exe
2018-02-06 20:54 - 2018-02-06 20:58 - 000000000 ____D C:\Users\DetialStav\AppData\Roaming\KeePass
2018-02-06 20:53 - 2018-02-06 20:53 - 003231080 _____ (Dominik Reichl ) C:\Users\DetialStav\Downloads\KeePass-2.38-Setup.exe
2018-02-04 19:41 - 2018-02-04 19:41 - 001097728 ____C C:\Users\DetialStav\Desktop\návod.ppt
2018-02-02 18:31 - 2018-02-02 18:31 - 000441322 _____ C:\Users\DetialStav\Desktop\Novotný Počáply - inv 2017.pdf
2018-02-01 09:02 - 2018-01-17 19:47 - 000804240 ____C C:\WINDOWS\SysWOW64\locale.nls
2018-02-01 09:02 - 2018-01-17 19:47 - 000804240 ____C C:\WINDOWS\system32\locale.nls
2018-01-31 19:53 - 2018-02-01 08:07 - 000010399 _____ C:\Users\DetialStav\Desktop\Black list.odt
2018-01-30 16:43 - 2018-01-30 18:04 - 000000000 ___DC C:\Users\DetialStav\Desktop\scan

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-20 15:59 - 2017-10-26 16:54 - 005272834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-20 15:59 - 2017-09-30 15:31 - 002570278 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-20 15:59 - 2017-09-30 15:31 - 000693194 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-20 15:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-20 15:53 - 2016-11-17 22:08 - 000000000 ___DC C:\Users\DetialStav\AppData\LocalLow\Mozilla
2018-02-20 15:51 - 2017-10-26 16:52 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2018-02-20 15:51 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-20 15:51 - 2016-10-01 11:07 - 000000000 _SHDC C:\Users\DetialStav\IntelGraphicsProfiles
2018-02-20 13:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-20 13:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-20 08:09 - 2016-11-07 22:32 - 000000000 ___DC C:\Program Files\trend micro
2018-02-20 07:37 - 2017-11-26 10:11 - 000000000 ___DC C:\Users\DetialStav\Desktop\Ex_M
2018-02-20 07:33 - 2017-08-21 21:02 - 000000000 ___DC C:\Users\DetialStav\Desktop\MUD_SYSTEM
2018-02-20 07:31 - 2017-12-06 21:41 - 000019200 ____C C:\Users\DetialStav\Desktop\Kluci.ods
2018-02-20 07:11 - 2016-10-01 07:07 - 000000000 ___DC C:\Users\DetialStav\Documents\záloha_účetnictví
2018-02-20 07:09 - 2017-07-16 17:18 - 000000000 ___DC C:\Users\DetialStav\Documents\Záloha_úč_Králová
2018-02-20 06:16 - 2017-10-26 16:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-19 06:26 - 2017-05-29 19:50 - 000000000 ___DC C:\Users\DetialStav\Desktop\Zvánovická
2018-02-17 15:03 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-16 07:20 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-16 07:05 - 2017-10-26 16:44 - 000000000 ____D C:\Users\DetialStav
2018-02-15 22:00 - 2017-05-24 05:43 - 000000000 ___DC C:\Users\DetialStav\Documents\Archiv
2018-02-15 18:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-15 14:03 - 2017-10-26 16:55 - 000000000 ___RD C:\Users\DetialStav\3D Objects
2018-02-15 14:03 - 2017-10-26 16:41 - 000409912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-15 14:03 - 2016-09-30 17:42 - 000000000 _RHDC C:\Users\Public\AccountPictures
2018-02-15 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-15 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-15 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-15 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-15 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-14 19:41 - 2016-10-01 10:38 - 000000000 ___DC C:\WINDOWS\system32\MRT
2018-02-14 19:38 - 2017-10-10 20:03 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 19:38 - 2016-10-01 10:38 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 19:36 - 2017-09-29 14:41 - 001043352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-02-14 19:33 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-14 19:30 - 2017-09-29 14:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-13 19:00 - 2017-12-28 10:02 - 000000000 ___DC C:\Users\DetialStav\Desktop\gaston
2018-02-13 18:13 - 2017-10-26 16:52 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-12 15:23 - 2017-11-26 09:40 - 000000000 ___DC C:\Users\DetialStav\Documents\zaloha_cc
2018-02-12 15:21 - 2016-10-09 18:45 - 000000000 ___DC C:\Program Files (x86)\OpenOffice 4
2018-02-12 15:17 - 2016-11-17 20:23 - 000000000 ___DC C:\Program Files (x86)\Mozilla Firefox
2018-02-12 15:17 - 2016-10-01 09:57 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-12 13:09 - 2016-11-02 20:38 - 000000000 ___DC C:\Users\DetialStav\Desktop\poslat
2018-02-09 08:09 - 2016-12-26 15:54 - 000000000 ___DC C:\Users\DetialStav\Desktop\TISK
2018-02-09 08:01 - 2016-10-01 09:57 - 000001228 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-08 07:20 - 2017-11-08 20:44 - 000000000 ____D C:\Users\DetialStav\AppData\Local\PlaceholderTileLogoFolder
2018-02-07 20:15 - 2017-10-26 16:44 - 000000000 ____D C:\Users\DetialStav\AppData\Local\Packages
2018-02-07 00:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-07 00:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-06 20:42 - 2017-07-16 20:14 - 000000000 ___DC C:\Users\DetialStav\Desktop\Králová_Petra
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 21:40 - 2016-10-30 23:10 - 000000000 ___DC C:\Users\DetialStav\Documents\lakovna
2018-02-01 07:41 - 2016-10-01 10:00 - 000001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PROFIT.lnk
2018-02-01 07:41 - 2016-10-01 10:00 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2018-02-01 07:41 - 2016-10-01 10:00 - 000000000 ___DC C:\Program Files (x86)\PROFIT
2018-01-31 14:38 - 2017-11-18 18:36 - 000000000 ___DC C:\Users\DetialStav\Desktop\Hulka
2018-01-25 18:07 - 2017-07-16 17:27 - 000000000 ____D C:\Users\DetialStav\AppData\Roaming\STORMWARE
2018-01-25 17:14 - 2017-06-30 07:18 - 000000000 ___DC C:\Users\DetialStav\Desktop\daně_2017
2018-01-24 18:58 - 2016-10-01 10:47 - 000548000 ____C (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2017-11-10 13:14 - 2017-11-10 13:15 - 000005632 _____ () C:\Users\DetialStav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-16 22:16

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:222.15 GB) (Free:72.86 GB) NTFS
Drive d: (Windows) (Fixed) (Total:447.43 GB) (Free:32.3 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:16.44 GB) (Free:1.72 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{6086a457-5322-4e57-bc6c-11236a12684e}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{81d1e8fb-3180-4169-aec8-6a8a6a0f0e06}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{fef0ec5f-a966-493a-9ee8-775e2b5bebf0}\ () (Fixed) (Total:0.87 GB) (Free:0.32 GB) NTFS
\\?\Volume{9ff49694-2672-495d-affb-4a64aaa35c6b}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS
\\?\Volume{cadc7104-5ae8-4e39-8bfc-a4226f113287}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{8b9aa3a8-222e-4156-82f0-23574b1a9676}\ () (Fixed) (Total:0.88 GB) (Free:0.35 GB) NTFS

Available physical RAM: 1757.27 MB
Total physical RAM: 3982.27 MB
Percentage of memory in use: 55%

==================== MBR and Partition Table ==================

Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Disk: 1 (Size: 465.8 GB) (Disk ID: 6724854A)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0
Verze podpisu: AV: 1.261.1390.0, AS: 1.261.1390.0, NIS: 118.2.0.0



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\DetialStav\Desktop" je 2787 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.zip
(9.85 KiB) Staženo 73 x
:oops:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe
    File: C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
    
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {B4CDFDB1-0FD4-47E2-B07D-89C751634413} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: "Velikost slozky "C:\Users\DetialStav\Desktop" je 2787 MB."
  • Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

gastrotop
Návštěvník
Návštěvník
Příspěvky: 141
Registrován: 16 zář 2006 15:40

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#7 Příspěvek od gastrotop »

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.02.2018
Ran by DetialStav (20-02-2018 16:32:17) Run:1
Running from C:\Users\DetialStav\Desktop
Loaded Profiles: DetialStav (Available Profiles: defaultuser0 & DetialStav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe
File: C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {B4CDFDB1-0FD4-47E2-B07D-89C751634413} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe ========================

C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe
File is digitally signed
MD5: D4AD55A8145F94E63F60C3B8C3B2AB6E
Creation and modification date: 2017-11-27 15:45 - 2008-12-10 11:10
Size: 000796784
Attributes: ----A
Company Name:
Internal Name: Yunpeng
Original Name: yunpeng.EXE
Product: WYunpeng Application
Description: WYunpeng MFC Application
File Version: 1, 4, 31010, 483
Product Version: 1, 4, 31010, 483
Copyright: Copyright (C) 2005
VirusTotal: https://www.virustotal.com/file/ac3e4ee ... 518316519/

====== End of File: ======


========================= File: C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe ========================

C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
File not signed
MD5: 627D8284D6AAF6F08435B07AC160AFA7
Creation and modification date: 2017-02-21 09:27 - 2017-02-21 09:27
Size: 000121344
Attributes: ---AC
Company Name: Dassault Systèmes
Internal Name: dsHttpApiController.exe
Original Name: dsHttpApiController.exe
Product: DraftSight API Service
Description: DraftSight API Service
File Version: 17.1.0.78093
Product Version: 17.1.0.78093
Copyright: © 2017 Dassault Systèmes
VirusTotal: https://www.virustotal.com/file/fa0127b ... 518101200/

====== End of File: ======

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4CDFDB1-0FD4-47E2-B07D-89C751634413} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4CDFDB1-0FD4-47E2-B07D-89C751634413} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove key. ErrorCode1: 0x00000001
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 151477080 B
Java, Flash, Steam htmlcache => 51707666 B
Windows/system/drivers => 64024 B
Edge => 1364 B
Chrome => 157942 B
Firefox => 395781715 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 28308 B
defaultuser0 => 7168 B
DetialStav => 23975568 B

RecycleBin => 3667399953 B
EmptyTemp: => 4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-02-2018 16:35:22)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4CDFDB1-0FD4-47E2-B07D-89C751634413}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4CDFDB1-0FD4-47E2-B07D-89C751634413}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key removed successfully

==== End of Fixlog 16:35:22 ====

:!: plochu uklidím
:oops:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#8 Příspěvek od Conder »

:arrow: Logy vyzeraju OK. Su s PC nejake problemy?

:arrow: Ak nie, tak upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

gastrotop
Návštěvník
Návštěvník
Příspěvky: 141
Registrován: 16 zář 2006 15:40

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#9 Příspěvek od gastrotop »

Super, moc děkuji! Vše o.k.
:oops:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Dobrý den, prosím o prev. kontrolu. Děkuji

#10 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno