VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Trojský kůň

https://forum.viry.cz:443/viewtopic.php?t=149890

Stránka 1 z 1

Trojský kůň

Napsal: 02 zář 2016 18:28
od lebka75
zdravím, prosím o pomoc, včera mi eset začal hlásit tojana a pak nešel ani zapnout notebook. Dnes jsem ho již zapnul, ale Mozilla je v továrním nastavení. díky

info.txt logfile of random's system information tool 1.10 2016-09-02 19:19:04

======MBR======

0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000EFFAD8D4000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

Adobe Acrobat Reader DC - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AC0F074E4100}
Adobe Flash Player 22 NPAPI-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe -maintain plugin
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824191728}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ANT Drivers Installer x64-->MsiExec.exe /I{67DC8027-2FC4-4A47-989A-F81A7E9D9280}
Avidemux 2.6 - 64 bits-->C:\Program Files\Avidemux 2.6 - 64 bits\uninstall.exe
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA6~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\ant_libusb.inf_amd64_54173307afc55815\ant_libusb.inf
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA6~1\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\System32\DriverStore\FileRepository\usb_ant_siusbxp_3_1.inf_amd64_a786cf555bc1afd4\usb_ant_siusbxp_3_1.inf
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe
Elevated Installer-->MsiExec.exe /I{C084F421-2102-45F2-9BAF-7CFAD4FE831A}
ESET NOD32 Antivirus-->MsiExec.exe /I{6EF8A223-95F9-489E-98F6-BCC73DC3C5A4}
Garmin Express Tray-->MsiExec.exe /I{D4755DEE-8BB7-48C8-912D-B0AD6B847815}
Garmin Express-->"C:\ProgramData\Package Cache\{686d881a-083e-4030-80db-52c493bf89d3}\GarminExpressInstaller.exe" /uninstall
Garmin Express-->MsiExec.exe /I{3966320F-A37D-496C-A274-2AA985E8A0AE}
Java 8 Update 101-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180101F0}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005-->MsiExec.exe /X{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}
Mozilla Firefox 48.0.2 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MWSnap 3-->"C:\Program Files (x86)\MWSnap\uninstall.exe"
Pomocník při upgradu na Windows 10-->"C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DF2F5DAC-93D7-434B-96B1-EAF4D891AD24}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A33F3451-9AD4-46C0-9CDB-AA38071CDAB5}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF11577A-6876-45AA-86C9-2BA4CFB8B019}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {08F2015D-61E9-4252-9355-AB8D15C73C96}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488CDF0A-098C-4CF5-8552-DA5F2F7B7829}
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E359D786-B101-4545-B8AB-8652323CF3CA}
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {800D1A82-D1B0-4ED4-89B4-C666B570ABA5}
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8D2CDFAB-0079-43CC-A289-2F7A67F0A4DE}
Security Update for Microsoft Office 2007 suites (KB3114442) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {69E0CBF6-BBD9-43F8-86DD-13B247CC26BE}
Security Update for Microsoft Office 2007 suites (KB3114893) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D12CCAE-88B0-4983-8051-B94683B84F03}
Security Update for Microsoft Office 2007 suites (KB3115109) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1977B207-301C-484B-B70F-98B506234D55}
Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F774C8A-B1CE-486C-A64E-EA96AE48B813}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115308) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E793C11F-418E-43CE-BB22-84EB1CA517EE}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115464) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D732098C-6DD7-4D8D-A9DC-F33D6ABC7A80}
Security Update for Microsoft Office Excel 2007 (KB3115306) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {57006E27-A90D-4357-8BA7-F8A9AE8E3FEF}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB3114426) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {26C5C75F-E1FD-4F95-AA29-CA221C3AFEEE}
Security Update for Microsoft Office OneNote 2007 (KB3114456) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E0F25378-0690-4F53-998A-F5D63412BBD7}
Security Update for Microsoft Office Outlook 2007 (KB3114981) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F94F551-FCE9-446E-B18A-31FC23C00469}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B9E85A9D-2565-4DDC-A21D-34DACF7D716A}
Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {724051CF-E09E-4F84-9946-F5014AB7389B}
Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7FE99CC2-FBE5-422F-A6FB-49E0D8AFE919}
Security Update for Microsoft Office Word 2007 (KB3115465) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C53CCF1F-EBCE-4DF3-A257-EE26D7A7C439}
Seznam Instalátor-->C:\WINDOWS\system32\ssinstall-uninstall.bat
TeamViewer 11-->C:\Program Files (x86)\TeamViewer\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7C3337E5-1294-4270-A64F-DCEF812159E5}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115461) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8C829BE5-F60C-417A-89E3-9A1B427320F2}
Viber-->MsiExec.exe /I{D65DDA75-2C0A-46BA-807D-127BD5638490}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 5.30 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: DESKTOP-8PLP21H
Event Code: 27
Message: Typ spuštění byl 0x0.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20160803070812.324846-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-8PLP21H
Event Code: 153
Message: The Virtualization Based Security (policies: 0) is disabled with status STATUS_SUCCESS.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20160803070812.324588-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-8PLP21H
Event Code: 12
Message: Operační systém se spustil v systémovém čase ‎2016‎-‎08‎-‎03T07:08:11.489823900Z.
Record Number: 3
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20160803070812.324464-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-8PLP21H
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 2
Source Name: EventLog
Time Written: 20160803071011.843163-000
Event Type: Informace
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 14393 Multiprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20160803071011.843163-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: DESKTOP-8PLP21H
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US> Kryptografický otisk SHA1: <5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25>.
Record Number: 5
Source Name: Microsoft-Windows-CAPI2
Time Written: 20160803071033.203775-000
Event Type: Informace
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 4097
Message: Úspěšná automatická aktualizace kořenového certifikátu jiného výrobce: Subjekt: <CN=GlobalSign Root CA, OU=Root CA, O=GlobalSign nv-sa, C=BE> Kryptografický otisk SHA1: <B1BC968BD4F49D622AA89A81F2150152A41D829C>.
Record Number: 4
Source Name: Microsoft-Windows-CAPI2
Time Written: 20160803071027.937730-000
Event Type: Informace
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20160803071022.318405-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-8PLP21H
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20160803071013.097338-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: DESKTOP-8PLP21H
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20160803071013.015287-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: DESKTOP-8PLP21H
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-8PLP21H$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 4D4-0000188094E37A9A-NodSSL
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 85106
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160820120644.325080-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-8PLP21H$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: UNKNOWN
Název klíče: 4D4-0000188094E37A9A-NodSSL
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\c1a7550f3d278c98ea6ba350f2eba5d8_38969e17-d846-446a-a097-e23ad14d5e68
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 85105
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160820120644.323947-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-8PLP21H$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 4D4-00001880932DC0A8-NodSSL
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 85104
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160820120644.305641-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 5058
Message: Operace se souborem klíče.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-8PLP21H$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: UNKNOWN
Název klíče: 4D4-00001880932DC0A8-NodSSL
Typ klíče: Klíč počítače

Informace o operaci se souborem klíče:
Cesta k souboru: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\706e4b6e51034ae38f536711f4967364_38969e17-d846-446a-a097-e23ad14d5e68
Operace: Čtení trvalého klíče ze souboru
Návratový kód: 0x0
Record Number: 85103
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160820120644.304481-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-8PLP21H
Event Code: 5061
Message: Kryptografická operace.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-8PLP21H$
Doména účtu: WORKGROUP
ID přihlášení: 0x3E7

Kryptografické parametry:
Název poskytovatele: Microsoft Software Key Storage Provider
Název algoritmu: RSA
Název klíče: 4D4-0000188092EE9B78-NodSSL
Typ klíče: Klíč počítače

Kryptografická operace:
Operace: Otevřít klíč
Návratový kód: 0x0
Record Number: 85102
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20160820120644.301845-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 55 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=3708
"Path"=C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"ESET_OPTIONS"=

-----------------EOF-----------------

Re: Trojský kůň

Napsal: 02 zář 2016 18:33
od Rudy
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Trojský kůň

Napsal: 02 zář 2016 18:59
od lebka75
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by já (administrator) on DESKTOP-8PLP21H (02-09-2016 19:47:58)
Running from C:\Users\já\Desktop
Loaded Profiles: já (Available Profiles: já)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.82_none_5be7b69702339d1d\TiWorker.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Setup Utility 15.0] => C:\Program Files (x86)\Navigator15\Setup Utility\clickertray.exe
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{639aff68-58c1-4ebd-9aca-0abc36958470}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{71f1ac28-025c-4086-9fb9-d0cba551526c}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\já\AppData\Roaming\Profiles\5zu9jvy9.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: (Seznam lištička) - C:\Users\já\AppData\Roaming\Profiles\5zu9jvy9.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-31]
FF Extension: (Seznam lištička) - C:\Users\já\AppData\Roaming\Mozilla\Firefox\Profiles\r3qxdw4b.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-07-13]
FF Extension: (FirefixTab) - C:\Users\já\AppData\Roaming\Profiles\5zu9jvy9.default\Extensions\deskCutv2@gmail.com [2016-08-31] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-06-16] (ESET)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [809488 2016-07-31] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 ssinstall; C:\WINDOWS\SysWOW64\ssins.exe [2324216 2016-01-19] (PS Media s.r.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 apmwinsrv; "C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-06-19] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-06-19] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199680 2016-06-16] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-03-16] (ESET)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [183896 2016-03-25] (ELAN Microelectronic Corp.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-02] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-09-11] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S0 qkchufj; System32\drivers\tgvgm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 19:47 - 2016-09-02 19:48 - 00009820 _____ C:\Users\já\Desktop\FRST.txt
2016-09-02 19:47 - 2016-09-02 19:47 - 00000000 ____D C:\FRST
2016-09-02 19:46 - 2016-09-02 19:47 - 02397696 _____ (Farbar) C:\Users\já\Desktop\FRST64.exe
2016-09-02 19:46 - 2016-09-02 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\já\Desktop\FRSTLauncher.exe
2016-09-02 19:42 - 2016-09-02 19:43 - 00029696 _____ C:\Users\já\AppData\Local\MSGBOX.EXE
2016-09-02 19:18 - 2016-09-02 19:19 - 00000000 ____D C:\rsit
2016-09-02 19:18 - 2016-09-02 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-09-02 19:17 - 2016-09-02 19:18 - 01222144 _____ C:\Users\já\Desktop\RSITx64.exe
2016-09-01 21:08 - 2016-09-01 21:10 - 00279972 _____ C:\WINDOWS\Minidump\090116-42796-01.dmp
2016-09-01 21:08 - 2016-09-01 21:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-01 20:55 - 2016-09-01 20:55 - 00289052 _____ C:\avenger.txt
2016-09-01 20:55 - 2016-09-01 20:55 - 00000000 ____D C:\Avenger
2016-09-01 20:51 - 2016-09-01 20:51 - 00001517 _____ C:\WINDOWS\PWCMDLST.TXT
2016-09-01 20:51 - 2016-09-01 20:51 - 00001517 _____ C:\WINDOWS\PWCMDLST.BAK
2016-09-01 20:20 - 2016-09-02 18:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-01 20:20 - 2016-09-01 20:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-01 20:16 - 2016-09-01 20:25 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-08-31 20:59 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-31 20:59 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-31 20:59 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-31 20:59 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-08-31 20:59 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-08-31 20:59 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-08-31 20:59 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-08-31 20:59 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-08-31 20:59 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-08-31 20:59 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-08-31 20:59 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-31 20:59 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-31 20:59 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-31 20:59 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-31 20:59 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-31 20:59 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-08-31 20:59 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-08-31 20:59 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-31 20:59 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-31 20:59 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-31 20:59 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-31 20:59 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-31 20:59 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-31 20:59 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-08-31 20:59 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-31 20:59 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-31 20:59 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-31 20:59 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-31 20:59 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-08-31 20:59 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-08-31 20:59 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-08-31 20:59 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-08-31 20:59 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-31 20:59 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-31 20:59 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-31 20:59 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-31 20:59 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-31 20:59 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-08-31 20:59 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-31 20:59 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-08-31 20:59 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-31 20:59 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-31 20:59 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-31 20:59 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-31 20:59 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-08-31 20:59 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-31 20:59 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-08-31 20:59 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-08-31 20:59 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-31 20:59 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-31 20:59 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-31 20:59 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-31 20:59 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-31 20:59 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-31 20:59 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-31 20:59 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-31 20:59 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-31 20:59 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-08-31 20:59 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-31 20:59 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-08-31 20:59 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-31 20:59 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-31 20:59 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-31 20:59 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-31 20:59 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-31 20:59 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-08-31 20:58 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-08-31 20:58 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-08-31 20:58 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-08-31 20:58 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-08-31 20:58 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-08-31 20:58 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-08-31 20:58 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-31 20:58 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-31 20:58 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-31 20:58 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-31 20:58 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-31 20:58 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-31 20:58 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-31 20:58 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-08-31 20:58 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-08-31 20:58 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-31 20:58 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-31 20:58 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-31 20:58 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-08-31 20:58 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-31 20:58 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-31 20:58 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-31 20:58 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-08-31 20:58 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-08-31 20:58 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-08-31 20:58 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-08-31 20:58 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-08-31 20:58 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-31 20:58 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-08-31 20:58 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-31 20:58 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-08-31 20:58 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-08-31 20:58 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-08-31 20:58 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-31 20:58 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-08-31 20:58 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-08-31 20:58 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-08-31 20:58 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-08-31 20:58 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-08-31 20:58 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-31 20:58 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-08-31 20:58 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-31 20:58 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-08-31 20:58 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-31 20:58 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-08-31 20:58 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-31 20:58 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-08-31 20:58 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-08-31 20:58 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-08-31 20:58 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-08-31 20:58 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-08-31 20:58 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-31 20:58 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-31 20:58 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-31 20:58 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-08-31 20:58 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-08-31 20:58 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-31 20:58 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-08-31 20:58 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-08-31 20:58 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-31 20:58 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-31 20:58 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-31 20:58 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-08-31 20:58 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-31 20:54 - 2016-08-31 20:54 - 00003284 _____ C:\WINDOWS\System32\Tasks\{D9FEEE93-6065-4BD0-A492-83F5527C6BC5}
2016-08-31 20:44 - 2016-08-31 20:47 - 00001617 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-08-31 20:44 - 2016-08-31 20:47 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-08-31 20:43 - 2016-08-31 20:43 - 00250912 _____ C:\WINDOWS\SysWOW64\kz.exe
2016-08-31 20:39 - 2016-08-31 20:46 - 00000482 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2016-08-31 20:39 - 2016-08-31 20:39 - 00093072 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive2.sys
2016-08-31 20:39 - 2016-08-31 20:39 - 00003494 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2016-08-31 20:39 - 2016-08-31 20:39 - 00000000 ____D C:\Users\já\AppData\Roaming\Softlink
2016-08-31 20:39 - 2016-08-31 20:39 - 00000000 ____D C:\Users\já\AppData\Roaming\KuaiZip
2016-08-31 20:39 - 2016-08-31 20:39 - 00000000 ____D C:\Users\já\AppData\Local\UCBrowser
2016-08-31 20:39 - 2016-08-02 15:47 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-08-31 20:36 - 2016-08-31 20:54 - 00000000 ___HD C:\Program Files (x86)\SOEasy.5
2016-08-31 20:36 - 2016-08-31 20:54 - 00000000 ___HD C:\Program Files (x86)\SOEasy.4
2016-08-31 20:36 - 2016-08-31 20:53 - 00000000 ___HD C:\Users\MS.Default\Helper.5
2016-08-31 20:36 - 2016-08-31 20:53 - 00000000 ___HD C:\Users\MS.Default\Helper.4
2016-08-31 20:36 - 2016-08-31 20:53 - 00000000 ___HD C:\Users\MS.Default\Helper.3
2016-08-31 20:36 - 2016-08-31 20:53 - 00000000 ___HD C:\Program Files (x86)\SOEasy.3
2016-08-31 20:36 - 2016-08-31 20:36 - 00009060 _____ C:\WINDOWS\System32\Tasks\Werwuphtherhing Client
2016-08-31 20:36 - 2016-08-31 20:36 - 00000000 ___HD C:\Users\MS.Default
2016-08-31 20:36 - 2016-08-31 20:36 - 00000000 ____D C:\ProgramData\Avg
2016-08-31 20:36 - 2016-08-31 20:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-31 20:33 - 2016-08-31 20:33 - 07118336 _____ C:\Users\já\AppData\Roaming\agent.dat
2016-08-31 20:33 - 2016-08-31 20:33 - 00018432 _____ C:\Users\já\AppData\Roaming\Main.dat
2016-08-31 20:32 - 2016-08-31 20:32 - 00138240 _____ C:\Users\já\AppData\Roaming\Installer.dat
2016-08-31 20:23 - 2016-08-31 20:23 - 00000270 __RSH C:\Users\já\ntuser.pol
2016-08-31 20:20 - 2016-08-31 20:20 - 00000000 ____D C:\ProgramData\Paragon
2016-08-31 20:20 - 2016-08-08 16:52 - 00060752 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\gpt_loader.sys
2016-08-31 20:20 - 2016-08-08 16:52 - 00041808 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\mounthlp.sys
2016-08-31 20:20 - 2016-08-08 16:52 - 00023376 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\csvol.sys
2016-08-31 20:12 - 2016-08-31 20:12 - 00000000 ____D C:\ProgramData\createpart
2016-08-31 19:40 - 2016-08-31 19:40 - 00000000 ____D C:\ProgramData\formatpart
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\launcher
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\explauncher
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\createonepart
2016-08-31 19:36 - 2016-08-31 20:06 - 00000000 ____D C:\Program Files\Paragon Software
2016-08-31 19:35 - 2016-08-31 19:35 - 00000000 ____D C:\Users\já\AppData\Local\Downloaded Installations
2016-08-31 17:56 - 2016-08-31 17:56 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-08-31 17:36 - 2015-01-14 11:28 - 03066880 _____ C:\WINDOWS\system32\pwNative.exe
2016-08-31 17:36 - 2013-09-30 16:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys
2016-08-31 17:36 - 2013-09-30 16:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys
2016-08-24 23:36 - 2016-08-31 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 09:25 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-24 09:25 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 09:25 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-24 09:25 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 09:25 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 09:25 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 09:25 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-24 09:25 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 09:25 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-24 09:25 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-24 09:25 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-24 09:25 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 09:25 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-24 09:25 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-24 09:25 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-24 09:25 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-24 09:25 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 09:25 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 09:25 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 09:25 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-24 09:25 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 09:25 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-24 09:25 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-24 09:25 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-24 09:25 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-24 09:25 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 09:25 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 09:25 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 09:25 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 09:25 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 09:25 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-24 09:25 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 09:25 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 09:25 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-24 09:25 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-24 09:25 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-24 09:25 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-24 09:25 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-24 09:25 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-24 09:25 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-24 09:25 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-24 09:25 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-24 09:25 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-24 09:25 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 09:25 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-24 09:25 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-24 09:25 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 09:25 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 09:25 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-24 09:25 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-24 09:25 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 09:25 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-24 09:25 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-24 09:25 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-24 09:25 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-24 09:25 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-24 09:25 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-24 09:25 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-24 09:25 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-24 09:24 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-24 09:24 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 09:24 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 09:24 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-24 09:24 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 09:24 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-24 09:24 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 09:24 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-24 09:24 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-24 09:24 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-24 09:24 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-24 09:24 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 09:24 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-24 09:24 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-24 09:24 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-24 09:24 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-24 09:24 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-24 09:24 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 09:24 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-24 09:24 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-24 09:24 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-24 09:24 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-24 09:24 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 09:24 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 09:24 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 09:24 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-24 09:24 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 09:24 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 09:24 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-24 09:24 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-24 09:24 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-24 09:24 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-24 09:24 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-24 09:24 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-24 09:24 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-24 09:24 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 09:24 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-24 09:24 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-24 09:24 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-24 09:24 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-21 18:06 - 2016-08-21 18:06 - 00000000 ____D C:\Users\já\AppData\Local\Viber
2016-08-10 16:53 - 2016-08-10 16:53 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-10 16:41 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 16:41 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 16:41 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:41 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-08 21:44 - 2016-08-08 21:44 - 00000000 ____D C:\Users\já\AppData\Roaming\Navigator
2016-08-08 21:44 - 2016-08-08 21:44 - 00000000 ____D C:\ProgramData\Navigator
2016-08-04 13:54 - 2016-08-04 14:01 - 00000000 ____D C:\Program Files\Elantech
2016-08-03 10:07 - 2016-09-01 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-03 10:03 - 2016-08-14 20:38 - 00000000 ____D C:\Windows.old
2016-08-03 10:03 - 2016-08-03 10:03 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-03 09:57 - 2016-08-03 09:57 - 00000000 ____D C:\ProgramData\USOShared
2016-08-03 09:55 - 2016-08-03 09:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-03 09:51 - 2016-08-03 09:51 - 00000020 ___SH C:\Users\já\ntuser.ini
2016-08-03 09:50 - 2016-08-03 09:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-03 09:47 - 2016-08-03 09:48 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-03 09:47 - 2016-08-03 09:48 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-03 09:47 - 2016-08-03 09:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-03 09:46 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-03 09:46 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-03 09:39 - 2016-09-02 18:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-03 09:39 - 2016-08-03 09:39 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-03 09:39 - 2016-08-03 09:39 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-03 09:39 - 2016-08-03 09:39 - 00003344 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AD04C7F2-0CEB-49C5-A64F-D7563308CDBE}
2016-08-03 09:39 - 2016-08-03 09:39 - 00003128 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-03 09:39 - 2016-08-03 09:39 - 00002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-08-03 09:39 - 2016-08-03 09:39 - 00002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-03 09:30 - 2016-09-02 18:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-03 09:30 - 2016-08-03 09:30 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-03 09:30 - 2016-08-03 09:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-03 09:22 - 2016-08-03 09:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-03 09:19 - 2016-08-31 20:23 - 00000000 ____D C:\Users\já
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Šablony
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Soubory cookie
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Poslední
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Okolní tiskárny
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Okolní síť
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Nabídka Start
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Dokumenty
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Obrázky
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Hudba
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Filmy
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Data aplikací
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\AppData\Local\Data aplikací
2016-08-03 09:14 - 2016-08-03 09:14 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-03 09:14 - 2016-08-03 09:14 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\Program Files\Realtek
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\Program Files\Intel
2016-08-03 09:13 - 2016-05-03 23:30 - 00081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-08-03 09:13 - 2016-05-03 23:30 - 00077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-08-03 09:12 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-03 09:09 - 2016-09-02 19:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-03 09:09 - 2016-09-01 21:08 - 00341496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-03 09:09 - 2016-08-03 09:09 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-03 08:00 - 2016-08-03 08:06 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-03 07:34 - 2016-08-03 09:50 - 00000000 ___HD C:\$GetCurrent
2016-08-03 07:32 - 2016-09-02 18:53 - 00000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-03 07:32 - 2016-08-03 09:58 - 00000000 ____D C:\Windows10Upgrade

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 19:09 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-02 19:01 - 2016-07-17 00:25 - 00662152 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-02 19:01 - 2016-07-17 00:25 - 00144288 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-02 19:01 - 2016-01-13 13:56 - 01868730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-02 18:57 - 2016-01-13 10:44 - 00000000 __SHD C:\Users\já\IntelGraphicsProfiles
2016-09-02 18:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-02 18:56 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-02 18:53 - 2016-07-03 18:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-02 18:53 - 2016-01-19 19:17 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-02 18:53 - 2016-01-13 11:18 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-02 18:52 - 2016-07-03 18:48 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-02 18:52 - 2016-04-24 16:08 - 00001030 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-09-02 18:52 - 2016-01-18 18:46 - 00000905 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:52 - 2016-01-14 01:16 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-02 18:52 - 2016-01-13 10:47 - 00002382 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 18:52 - 2016-01-13 10:46 - 00001333 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku HD.lnk
2016-09-02 18:51 - 2016-01-13 10:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 21:11 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-01 21:08 - 2016-07-06 18:28 - 191481393 _____ C:\WINDOWS\MEMORY.DMP
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-31 20:59 - 2016-01-13 11:33 - 00000000 ____D C:\Users\já\AppData\Roaming\Seznam.cz
2016-08-31 20:30 - 2016-07-16 13:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-31 20:29 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-31 20:29 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-31 20:29 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-31 20:29 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-31 20:28 - 2016-07-16 13:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-31 20:28 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-31 20:28 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-31 20:28 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-31 20:28 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-31 20:22 - 2016-01-13 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-31 17:56 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-08-31 15:15 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 23:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 23:34 - 2016-01-15 12:09 - 00000000 ____D C:\Users\já\Documents\ViberDownloads
2016-08-25 23:34 - 2016-01-15 12:05 - 00000000 ____D C:\Users\já\AppData\Roaming\ViberPC
2016-08-24 12:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-19 16:43 - 2016-01-17 12:23 - 00000000 ____D C:\Users\já\AppData\Roaming\vlc
2016-08-10 16:52 - 2016-01-13 11:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 16:47 - 2016-01-13 11:17 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-04 10:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-03 10:28 - 2016-01-13 10:44 - 00000000 ____D C:\Users\já\AppData\Local\Packages
2016-08-03 10:12 - 2016-01-13 03:30 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-03 10:07 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-03 10:07 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-03 10:00 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\servicing
2016-08-03 09:57 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-03 09:56 - 2016-01-13 10:47 - 00000000 ___RD C:\Users\já\OneDrive
2016-08-03 09:52 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 09:52 - 2016-01-13 10:40 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-08-03 09:48 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-03 09:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-03 09:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-03 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-03 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-03 09:46 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-03 09:38 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-03 09:32 - 2016-04-24 16:08 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2016-08-03 09:32 - 2016-04-03 15:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-03 09:32 - 2016-01-24 12:34 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWSnap
2016-08-03 09:32 - 2016-01-23 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 09:32 - 2016-01-19 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
2016-08-03 09:32 - 2016-01-17 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-03 09:32 - 2016-01-17 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-03 09:32 - 2016-01-14 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-03 09:32 - 2016-01-13 11:36 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 09:32 - 2016-01-13 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 09:32 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-03 09:30 - 2016-01-13 02:46 - 00000000 ____D C:\Users\Default.migrated
2016-08-03 09:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-03 09:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 09:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 09:23 - 2016-01-13 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-03 09:18 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-03 09:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-03 09:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-03 07:38 - 2016-08-02 22:14 - 00000000 ____D C:\Users\já\Desktop\navigace
2016-08-03 07:38 - 2016-01-13 23:58 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

==================== Files in the root of some directories =======

2016-08-31 20:33 - 2016-08-31 20:33 - 7118336 _____ () C:\Users\já\AppData\Roaming\agent.dat
2016-08-31 20:32 - 2016-08-31 20:32 - 0138240 _____ () C:\Users\já\AppData\Roaming\Installer.dat
2016-08-31 20:33 - 2016-08-31 20:33 - 0018432 _____ () C:\Users\já\AppData\Roaming\Main.dat
2016-09-02 19:42 - 2016-09-02 19:43 - 0029696 _____ () C:\Users\já\AppData\Local\MSGBOX.EXE
2016-08-03 09:14 - 2016-08-03 09:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.135_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.652_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_Desktop_HideIPEasy.exe


Some files in TEMP:
====================
C:\Users\já\AppData\Local\Temp\Browser_V5.6.14087.902_f_4674_(Build1608021049).exe
C:\Users\já\AppData\Local\Temp\istC009.tmp.exe
C:\Users\já\AppData\Local\Temp\KuaiZip.exe
C:\Users\já\AppData\Local\Temp\setup.exe
C:\Users\já\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-31 15:45

==================== End of FRST.txt ============================

Re: Trojský kůň

Napsal: 02 zář 2016 19:11
od Rudy
Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Trojský kůň

Napsal: 02 zář 2016 19:41
od lebka75
Skenování proběhne ok, ale když kliknu na čištění tak se notas sekne a jen se točí kolečko jako že se něco děje a pořád nic... A teď se PC už asi 5 minut restartuje :( , vypadá to na tvrdé vypnutí

Re: Trojský kůň

Napsal: 02 zář 2016 20:17
od Rudy
OK. Zkuste celý postup opakovat v nouz. režimu.

Re: Trojský kůň

Napsal: 02 zář 2016 20:42
od lebka75
v nouzovem režimu je to stejné ... musel jsem natvrdo vypnout pc, opět s ním nic nešlo

Re: Trojský kůň

Napsal: 02 zář 2016 20:58
od lebka75
tak jsem to Jméno měl asi odfajfkovat ...




# AdwCleaner v6.010 - Log soubor vytvořen 02/09/2016 na 21:46:50
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-01.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : já - DESKTOP-8PLP21H
# Beží od : C:\Users\já\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[!] Služba nejde smazat:UCGuard


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\já\AppData\Roaming\Kuaizip
[#] Adresář nelze smazat:C:\Users\já\AppData\Roaming\KuaiZip
[-] Adresář smazán:C:\Users\já\AppData\Roaming\Softlink
[-] Adresář smazán:C:\Program Files (x86)\SOEasy.5
[-] Adresář smazán:C:\Program Files (x86)\SOEasy.4
[-] Adresář smazán:C:\Program Files (x86)\SOEasy.3
[-] Adresář smazán:C:\Users\J8D6B~1\AppData\Local\Temp\MPC
[-] Adresář smazán:C:\users\MS.Default\Helper.5
[-] Adresář smazán:C:\users\MS.Default\Helper.4
[-] Adresář smazán:C:\users\MS.Default\Helper.3
[-] Adresář smazán:C:\Users\já\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\5zu9jvy9.default\extensions\deskCutv2@gmail.com
[-] Adresář smazán:C:\Users\já\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\5zu9jvy9.default


***** [ Soubory ] *****

[#] Soubor smazán:C:\WINDOWS\SysNative\drivers\ucguard.sys
[-] Soubor smazán:C:\WINDOWS\SysNative\drivers\KuaiZipDrive2.sys
[#] Soubor smazán:C:\Users\já\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\5zu9jvy9.default\invalidprefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT
[-] Klíč smazán:HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Klíč smazán:HKU\S-1-5-21-912284268-512413669-3595411638-1001\Software\IM
[-] Klíč smazán:HKU\S-1-5-21-912284268-512413669-3595411638-1001\Software\PRODUCTSETUP
[-] Klíč smazán:HKU\S-1-5-21-912284268-512413669-3595411638-1001\Software\UCBrowser
[-] Klíč smazán:HKU\S-1-5-21-912284268-512413669-3595411638-1001\Software\UCBrowserPID
[-] Klíč smazán:HKU\S-1-5-21-912284268-512413669-3595411638-1001\Software\SNDA
[#] Klíč smazán po restartování:HKCU\Software\IM
[#] Klíč smazán po restartování:HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartování:HKCU\Software\UCBrowser
[#] Klíč smazán po restartování:HKCU\Software\UCBrowserPID
[#] Klíč smazán po restartování:HKCU\Software\SNDA
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowser
[-] Klíč smazán:HKLM\SOFTWARE\UCBrowserPID
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Klíč smazán:HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
[-] Hodnota smazána:HKLM\SOFTWARE\RegisteredApplications [UCBrowser]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Quoteex.exe


***** [ Prohlížeče ] *****

[-] Firefox profil vyčištěn:Profile1
[-] Firefox nastavení vyčištěno:


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4486 Bajtů] - [02/09/2016 21:46:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [5044 Bajtů] - [02/09/2016 20:14:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [5118 Bajtů] - [02/09/2016 20:28:40]
C:\AdwCleaner\AdwCleaner[S2].txt - [5192 Bajtů] - [02/09/2016 20:52:19]
C:\AdwCleaner\AdwCleaner[S3].txt - [5266 Bajtů] - [02/09/2016 21:18:33]
C:\AdwCleaner\AdwCleaner[S4].txt - [5340 Bajtů] - [02/09/2016 21:25:19]
C:\AdwCleaner\AdwCleaner[S5].txt - [5414 Bajtů] - [02/09/2016 21:42:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5004 Bajtů] ##########

Re: Trojský kůň

Napsal: 02 zář 2016 21:00
od Rudy
OK. Dejte nový log FRST.

Re: Trojský kůň

Napsal: 02 zář 2016 21:20
od lebka75
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by já (administrator) on DESKTOP-8PLP21H (02-09-2016 22:11:34)
Running from C:\Users\já\Desktop
Loaded Profiles: já (Available Profiles: já)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.82_none_5be7b69702339d1d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\LockAppHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [Setup Utility 15.0] => C:\Program Files (x86)\Navigator15\Setup Utility\clickertray.exe
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-912284268-512413669-3595411638-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1400232 2016-07-31] (Garmin Ltd. or its subsidiaries)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{639aff68-58c1-4ebd-9aca-0abc36958470}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{71f1ac28-025c-4086-9fb9-d0cba551526c}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-30] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-30] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-06-16] (ESET)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [809488 2016-07-31] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 ssinstall; C:\WINDOWS\SysWOW64\ssins.exe [2324216 2016-01-19] (PS Media s.r.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 apmwinsrv; "C:\Program Files (x86)\Paragon Software\HFS+ for Windows\apmwinsrv.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-06-19] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-06-19] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-03-16] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [199680 2016-06-16] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-03-16] (ESET)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [183896 2016-03-25] (ELAN Microelectronic Corp.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-02] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-09-11] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S0 qkchufj; System32\drivers\tgvgm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 21:20 - 2016-09-02 21:20 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-09-02 20:09 - 2016-09-02 21:46 - 00000000 ____D C:\AdwCleaner
2016-09-02 20:09 - 2016-09-02 21:12 - 03826240 _____ C:\Users\já\Desktop\adwcleaner_6.010.exe
2016-09-02 19:54 - 2016-09-02 19:54 - 00007764 _____ C:\Users\já\Desktop\Addition.rar
2016-09-02 19:50 - 2016-09-02 19:51 - 00027919 _____ C:\Users\já\Desktop\Addition.txt
2016-09-02 19:47 - 2016-09-02 22:11 - 00008965 _____ C:\Users\já\Desktop\FRST.txt
2016-09-02 19:47 - 2016-09-02 22:11 - 00000000 ____D C:\FRST
2016-09-02 19:46 - 2016-09-02 19:47 - 02397696 _____ (Farbar) C:\Users\já\Desktop\FRST64.exe
2016-09-02 19:46 - 2016-09-02 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\já\Desktop\FRSTLauncher.exe
2016-09-02 19:42 - 2016-09-02 19:43 - 00029696 _____ C:\Users\já\AppData\Local\MSGBOX.EXE
2016-09-02 19:18 - 2016-09-02 19:19 - 00000000 ____D C:\rsit
2016-09-02 19:18 - 2016-09-02 19:18 - 00000000 ____D C:\Program Files\trend micro
2016-09-02 19:17 - 2016-09-02 19:18 - 01222144 _____ C:\Users\já\Desktop\RSITx64.exe
2016-09-01 21:08 - 2016-09-01 21:10 - 00279972 _____ C:\WINDOWS\Minidump\090116-42796-01.dmp
2016-09-01 21:08 - 2016-09-01 21:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-01 20:55 - 2016-09-01 20:55 - 00289052 _____ C:\avenger.txt
2016-09-01 20:55 - 2016-09-01 20:55 - 00000000 ____D C:\Avenger
2016-09-01 20:51 - 2016-09-01 20:51 - 00001517 _____ C:\WINDOWS\PWCMDLST.TXT
2016-09-01 20:51 - 2016-09-01 20:51 - 00001517 _____ C:\WINDOWS\PWCMDLST.BAK
2016-09-01 20:20 - 2016-09-02 18:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-01 20:20 - 2016-09-01 20:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-01 20:16 - 2016-09-01 20:25 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-08-31 20:59 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-08-31 20:59 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-08-31 20:59 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-08-31 20:59 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-08-31 20:59 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-08-31 20:59 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-08-31 20:59 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-08-31 20:59 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-08-31 20:59 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-08-31 20:59 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-08-31 20:59 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-31 20:59 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-31 20:59 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-31 20:59 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-31 20:59 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-31 20:59 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-31 20:59 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-08-31 20:59 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-08-31 20:59 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-31 20:59 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-31 20:59 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-31 20:59 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-31 20:59 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-31 20:59 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-31 20:59 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-31 20:59 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-31 20:59 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-08-31 20:59 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-08-31 20:59 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-31 20:59 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-31 20:59 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-31 20:59 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-31 20:59 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-08-31 20:59 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-31 20:59 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-08-31 20:59 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-08-31 20:59 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-08-31 20:59 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-31 20:59 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-31 20:59 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-31 20:59 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-31 20:59 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-31 20:59 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-08-31 20:59 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-31 20:59 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-08-31 20:59 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-31 20:59 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-31 20:59 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-31 20:59 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-31 20:59 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-31 20:59 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-31 20:59 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-08-31 20:59 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-31 20:59 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-08-31 20:59 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-08-31 20:59 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-31 20:59 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-31 20:59 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-08-31 20:59 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-31 20:59 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-31 20:59 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-31 20:59 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-31 20:59 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-31 20:59 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-31 20:59 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-31 20:59 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-31 20:59 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-08-31 20:59 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-31 20:59 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-31 20:59 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-08-31 20:59 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-08-31 20:59 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-31 20:59 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-31 20:59 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-31 20:59 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-31 20:59 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-31 20:59 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-08-31 20:58 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-08-31 20:58 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-08-31 20:58 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-08-31 20:58 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-08-31 20:58 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-08-31 20:58 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-08-31 20:58 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-31 20:58 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-31 20:58 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-31 20:58 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-31 20:58 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-31 20:58 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-08-31 20:58 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-31 20:58 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-08-31 20:58 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-08-31 20:58 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-31 20:58 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-31 20:58 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-31 20:58 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-08-31 20:58 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-31 20:58 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-31 20:58 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-31 20:58 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-08-31 20:58 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-08-31 20:58 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-08-31 20:58 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-08-31 20:58 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-08-31 20:58 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-08-31 20:58 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-31 20:58 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-08-31 20:58 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-31 20:58 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-08-31 20:58 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-08-31 20:58 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-08-31 20:58 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-08-31 20:58 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-31 20:58 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-08-31 20:58 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-08-31 20:58 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-08-31 20:58 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-08-31 20:58 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-08-31 20:58 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-31 20:58 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-08-31 20:58 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-08-31 20:58 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-31 20:58 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-08-31 20:58 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-31 20:58 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-08-31 20:58 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-31 20:58 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-08-31 20:58 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-08-31 20:58 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-08-31 20:58 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-08-31 20:58 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-08-31 20:58 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-08-31 20:58 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-31 20:58 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-31 20:58 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-31 20:58 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-31 20:58 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-31 20:58 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-31 20:58 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-08-31 20:58 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-08-31 20:58 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-31 20:58 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-08-31 20:58 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-08-31 20:58 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-31 20:58 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-31 20:58 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-31 20:58 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-08-31 20:58 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-31 20:44 - 2016-08-31 20:47 - 00001617 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-08-31 20:44 - 2016-08-31 20:47 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-08-31 20:43 - 2016-08-31 20:43 - 00250912 _____ C:\WINDOWS\SysWOW64\kz.exe
2016-08-31 20:39 - 2016-08-31 20:46 - 00000482 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job
2016-08-31 20:39 - 2016-08-31 20:39 - 00003494 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater
2016-08-31 20:39 - 2016-08-31 20:39 - 00000000 ____D C:\Users\já\AppData\Local\UCBrowser
2016-08-31 20:39 - 2016-08-02 15:47 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\WINDOWS\system32\Drivers\ucguard.sys
2016-08-31 20:36 - 2016-09-02 21:44 - 00000000 ___HD C:\Users\MS.Default
2016-08-31 20:36 - 2016-08-31 20:36 - 00009060 _____ C:\WINDOWS\System32\Tasks\Werwuphtherhing Client
2016-08-31 20:36 - 2016-08-31 20:36 - 00000000 ____D C:\ProgramData\Avg
2016-08-31 20:36 - 2016-08-31 20:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-31 20:33 - 2016-08-31 20:33 - 07118336 _____ C:\Users\já\AppData\Roaming\agent.dat
2016-08-31 20:33 - 2016-08-31 20:33 - 00018432 _____ C:\Users\já\AppData\Roaming\Main.dat
2016-08-31 20:32 - 2016-08-31 20:32 - 00138240 _____ C:\Users\já\AppData\Roaming\Installer.dat
2016-08-31 20:23 - 2016-08-31 20:23 - 00000270 __RSH C:\Users\já\ntuser.pol
2016-08-31 20:20 - 2016-08-31 20:20 - 00000000 ____D C:\ProgramData\Paragon
2016-08-31 20:20 - 2016-08-08 16:52 - 00060752 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\gpt_loader.sys
2016-08-31 20:20 - 2016-08-08 16:52 - 00041808 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\mounthlp.sys
2016-08-31 20:20 - 2016-08-08 16:52 - 00023376 _____ (Paragon Software Group) C:\WINDOWS\system32\Drivers\csvol.sys
2016-08-31 20:12 - 2016-08-31 20:12 - 00000000 ____D C:\ProgramData\createpart
2016-08-31 19:40 - 2016-08-31 19:40 - 00000000 ____D C:\ProgramData\formatpart
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\launcher
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\explauncher
2016-08-31 19:38 - 2016-08-31 19:38 - 00000000 ____D C:\ProgramData\createonepart
2016-08-31 19:36 - 2016-08-31 20:06 - 00000000 ____D C:\Program Files\Paragon Software
2016-08-31 19:35 - 2016-08-31 19:35 - 00000000 ____D C:\Users\já\AppData\Local\Downloaded Installations
2016-08-31 17:56 - 2016-08-31 17:56 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-08-31 17:36 - 2015-01-14 11:28 - 03066880 _____ C:\WINDOWS\system32\pwNative.exe
2016-08-31 17:36 - 2013-09-30 16:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys
2016-08-31 17:36 - 2013-09-30 16:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys
2016-08-24 23:36 - 2016-08-31 20:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-24 09:25 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-24 09:25 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 09:25 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-24 09:25 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 09:25 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 09:25 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 09:25 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-24 09:25 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 09:25 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-24 09:25 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-24 09:25 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-24 09:25 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 09:25 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-24 09:25 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-24 09:25 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-24 09:25 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-24 09:25 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-24 09:25 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 09:25 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 09:25 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 09:25 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-24 09:25 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 09:25 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-24 09:25 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-24 09:25 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-24 09:25 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-24 09:25 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-24 09:25 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 09:25 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 09:25 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 09:25 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 09:25 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 09:25 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-24 09:25 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 09:25 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-24 09:25 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 09:25 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 09:25 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-24 09:25 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-24 09:25 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-24 09:25 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-24 09:25 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-24 09:25 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-24 09:25 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-24 09:25 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-24 09:25 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-24 09:25 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-24 09:25 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 09:25 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-24 09:25 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-24 09:25 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 09:25 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 09:25 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-24 09:25 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-24 09:25 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 09:25 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-24 09:25 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-24 09:25 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-24 09:25 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-24 09:25 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-24 09:25 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-24 09:25 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-24 09:25 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-24 09:24 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-24 09:24 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 09:24 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 09:24 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-24 09:24 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 09:24 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-24 09:24 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-24 09:24 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 09:24 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 09:24 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-24 09:24 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-24 09:24 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-24 09:24 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-24 09:24 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-24 09:24 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 09:24 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-24 09:24 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-24 09:24 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-24 09:24 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-24 09:24 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-24 09:24 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 09:24 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-24 09:24 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-24 09:24 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-24 09:24 - 2016-08-06 05:44 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-24 09:24 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 09:24 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 09:24 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 09:24 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 09:24 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-24 09:24 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 09:24 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 09:24 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-24 09:24 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-24 09:24 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-24 09:24 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-24 09:24 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-24 09:24 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-24 09:24 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-24 09:24 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-24 09:24 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-24 09:24 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-24 09:24 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 09:24 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-24 09:24 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-24 09:24 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-24 09:24 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-21 18:06 - 2016-08-21 18:06 - 00000000 ____D C:\Users\já\AppData\Local\Viber
2016-08-10 16:53 - 2016-08-10 16:53 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-08-10 16:41 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 16:41 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 16:41 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 16:41 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-08 21:44 - 2016-08-08 21:44 - 00000000 ____D C:\Users\já\AppData\Roaming\Navigator
2016-08-08 21:44 - 2016-08-08 21:44 - 00000000 ____D C:\ProgramData\Navigator
2016-08-04 13:54 - 2016-08-04 14:01 - 00000000 ____D C:\Program Files\Elantech
2016-08-03 10:07 - 2016-09-01 20:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-03 10:03 - 2016-08-14 20:38 - 00000000 ____D C:\Windows.old
2016-08-03 10:03 - 2016-08-03 10:03 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-03 10:03 - 2016-08-03 10:03 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-03 09:57 - 2016-08-03 09:57 - 00000000 ____D C:\ProgramData\USOShared
2016-08-03 09:55 - 2016-08-03 09:55 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-03 09:51 - 2016-08-03 09:51 - 00000020 ___SH C:\Users\já\ntuser.ini
2016-08-03 09:50 - 2016-08-03 09:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:48 - 2016-08-03 09:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-03 09:47 - 2016-08-03 09:48 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-03 09:47 - 2016-08-03 09:48 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 09:47 - 2016-08-03 09:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-03 09:47 - 2016-08-03 09:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-03 09:46 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-03 09:46 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-03 09:46 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-03 09:39 - 2016-09-02 21:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-03 09:39 - 2016-08-03 09:39 - 00022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-03 09:39 - 2016-08-03 09:39 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-03 09:39 - 2016-08-03 09:39 - 00003344 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AD04C7F2-0CEB-49C5-A64F-D7563308CDBE}
2016-08-03 09:39 - 2016-08-03 09:39 - 00003128 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-08-03 09:39 - 2016-08-03 09:39 - 00002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2016-08-03 09:39 - 2016-08-03 09:39 - 00002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-03 09:30 - 2016-09-02 18:53 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-03 09:30 - 2016-08-03 09:30 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-03 09:30 - 2016-08-03 09:30 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-03 09:22 - 2016-08-03 09:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-03 09:19 - 2016-09-02 21:19 - 00000000 ____D C:\Users\já
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Šablony
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Soubory cookie
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Poslední
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Okolní tiskárny
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Okolní síť
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Nabídka Start
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Dokumenty
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Obrázky
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Hudba
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Documents\Filmy
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\Data aplikací
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-03 09:19 - 2016-08-03 09:19 - 00000000 _SHDL C:\Users\já\AppData\Local\Data aplikací
2016-08-03 09:14 - 2016-08-03 09:14 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-03 09:14 - 2016-08-03 09:14 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\Program Files\Realtek
2016-08-03 09:13 - 2016-08-03 09:13 - 00000000 ____D C:\Program Files\Intel
2016-08-03 09:13 - 2016-05-03 23:30 - 00081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-08-03 09:13 - 2016-05-03 23:30 - 00077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-08-03 09:12 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-03 09:09 - 2016-09-02 22:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-03 09:09 - 2016-09-01 21:08 - 00341496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-03 09:09 - 2016-08-03 09:09 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-03 08:00 - 2016-08-03 08:06 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-03 07:34 - 2016-08-03 09:50 - 00000000 ___HD C:\$GetCurrent
2016-08-03 07:32 - 2016-09-02 18:53 - 00000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník při upgradu na Windows 10.lnk
2016-08-03 07:32 - 2016-08-03 09:58 - 00000000 ____D C:\Windows10Upgrade

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-02 21:52 - 2016-07-17 00:25 - 00749686 _____ C:\WINDOWS\system32\perfh005.dat
2016-09-02 21:52 - 2016-07-17 00:25 - 00170470 _____ C:\WINDOWS\system32\perfc005.dat
2016-09-02 21:52 - 2016-01-13 13:56 - 02038690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-02 21:49 - 2016-01-13 10:44 - 00000000 __SHD C:\Users\já\IntelGraphicsProfiles
2016-09-02 21:47 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-02 20:46 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-02 19:09 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-02 18:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-02 18:53 - 2016-07-03 18:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-09-02 18:53 - 2016-01-19 19:17 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-02 18:53 - 2016-01-13 11:18 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-02 18:52 - 2016-07-03 18:48 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-09-02 18:52 - 2016-04-24 16:08 - 00001030 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-09-02 18:52 - 2016-01-18 18:46 - 00000905 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-09-02 18:52 - 2016-01-14 01:16 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-02 18:52 - 2016-01-13 10:47 - 00002382 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 18:52 - 2016-01-13 10:46 - 00001333 _____ C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Správce zvuku HD.lnk
2016-09-02 18:51 - 2016-01-13 10:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 21:11 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-01 21:08 - 2016-07-06 18:28 - 191481393 _____ C:\WINDOWS\MEMORY.DMP
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-01 20:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-31 20:59 - 2016-01-13 11:33 - 00000000 ____D C:\Users\já\AppData\Roaming\Seznam.cz
2016-08-31 20:30 - 2016-07-16 13:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-31 20:29 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-31 20:29 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-31 20:29 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-31 20:29 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-31 20:29 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-31 20:29 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-31 20:28 - 2016-07-16 13:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-31 20:28 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-31 20:28 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-31 20:28 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-31 20:28 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-31 20:22 - 2016-01-13 11:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-31 17:56 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-08-31 15:15 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 23:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 23:34 - 2016-01-15 12:09 - 00000000 ____D C:\Users\já\Documents\ViberDownloads
2016-08-25 23:34 - 2016-01-15 12:05 - 00000000 ____D C:\Users\já\AppData\Roaming\ViberPC
2016-08-24 12:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-19 16:43 - 2016-01-17 12:23 - 00000000 ____D C:\Users\já\AppData\Roaming\vlc
2016-08-10 16:52 - 2016-01-13 11:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 16:47 - 2016-01-13 11:17 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-04 10:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-03 10:28 - 2016-01-13 10:44 - 00000000 ____D C:\Users\já\AppData\Local\Packages
2016-08-03 10:12 - 2016-01-13 03:30 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-03 10:07 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup
2016-08-03 10:07 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-08-03 10:00 - 2016-07-17 00:25 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-03 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-03 10:00 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\servicing
2016-08-03 09:57 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-03 09:56 - 2016-01-13 10:47 - 00000000 ___RD C:\Users\já\OneDrive
2016-08-03 09:52 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 09:52 - 2016-01-13 10:40 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-08-03 09:48 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-03 09:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-03 09:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-03 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-03 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-03 09:46 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-03 09:38 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-03 09:32 - 2016-04-24 16:08 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber
2016-08-03 09:32 - 2016-04-03 15:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-03 09:32 - 2016-01-24 12:34 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MWSnap
2016-08-03 09:32 - 2016-01-23 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 09:32 - 2016-01-19 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
2016-08-03 09:32 - 2016-01-17 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-03 09:32 - 2016-01-17 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-03 09:32 - 2016-01-14 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-03 09:32 - 2016-01-13 11:36 - 00000000 ____D C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 09:32 - 2016-01-13 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-03 09:32 - 2016-01-13 03:12 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-03 09:30 - 2016-01-13 02:46 - 00000000 ____D C:\Users\Default.migrated
2016-08-03 09:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-03 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-03 09:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 09:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 09:23 - 2016-01-13 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-08-03 09:18 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-03 09:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-03 09:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-03 07:38 - 2016-08-02 22:14 - 00000000 ____D C:\Users\já\Desktop\navigace
2016-08-03 07:38 - 2016-01-13 23:58 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

==================== Files in the root of some directories =======

2016-08-31 20:33 - 2016-08-31 20:33 - 7118336 _____ () C:\Users\já\AppData\Roaming\agent.dat
2016-08-31 20:32 - 2016-08-31 20:32 - 0138240 _____ () C:\Users\já\AppData\Roaming\Installer.dat
2016-08-31 20:33 - 2016-08-31 20:33 - 0018432 _____ () C:\Users\já\AppData\Roaming\Main.dat
2016-09-02 19:42 - 2016-09-02 19:43 - 0029696 _____ () C:\Users\já\AppData\Local\MSGBOX.EXE
2016-08-03 09:14 - 2016-08-03 09:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.135_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.652_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_Desktop_HideIPEasy.exe


Some files in TEMP:
====================
C:\Users\já\AppData\Local\Temp\Browser_V5.6.14087.902_f_4674_(Build1608021049).exe
C:\Users\já\AppData\Local\Temp\istC009.tmp.exe
C:\Users\já\AppData\Local\Temp\KuaiZip.exe
C:\Users\já\AppData\Local\Temp\libeay32.dll
C:\Users\já\AppData\Local\Temp\msvcr120.dll
C:\Users\já\AppData\Local\Temp\setup.exe
C:\Users\já\AppData\Local\Temp\sqlite3.dll
C:\Users\já\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-31 15:45

==================== End of FRST.txt ============================

Re: Trojský kůň

Napsal: 02 zář 2016 21:29
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
S0 qkchufj; System32\drivers\tgvgm.sys [X]
C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\DP45977C.lfl
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.135_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.652_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_Desktop_HideIPEasy.exe
C:\Users\já\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Trojský kůň

Napsal: 03 zář 2016 14:59
od lebka75
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by já (03-09-2016 15:52:43) Run:1
Running from C:\Users\já\Desktop
Loaded Profiles: já (Available Profiles: já)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
S0 qkchufj; System32\drivers\tgvgm.sys [X]
C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???.lnk
C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\DP45977C.lfl
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.135_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.652_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe
C:\ProgramData\C__Users_já_Desktop_HideIPEasy.exe
C:\Users\já\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
qkchufj => service removed successfully
"C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???.lnk" => not found.
"C:\Users\já\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???" => not found.
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.135_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe => moved successfully
C:\ProgramData\C__Users_já_AppData_Local_Temp_Rar$EXa0.652_Hide IP Easy 5.0.5.2 Full + crack [TrT-TcT]_Crack_HideIPEasy.exe => moved successfully
C:\ProgramData\C__Users_já_Desktop_HideIPEasy.exe => moved successfully
C:\Users\já\AppData\Local\Temp => moved successfully

==== End of Fixlog 15:52:48 ====

Re: Trojský kůň

Napsal: 03 zář 2016 15:41
od Rudy
Smazáno. Nastala nějaká změna?

Re: Trojský kůň

Napsal: 03 zář 2016 16:04
od lebka75
díky moc za pomoc :thumbsup: . PC naběhlo dnes normálně, tak to snad bude Ok. Děkuji :worship:

Re: Trojský kůň

Napsal: 03 zář 2016 17:08
od Rudy
Snad ano. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz