VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=150739

Stránka 1 z 1

Kontrola logu

Napsal: 03 pro 2016 10:43
od Bruno39
Dobry den
Potreboval by som skontrolovat log lebo seka notebook dakujem :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-12-2016
Ran by martin (administrator) on ANKA (03-12-2016 10:35:04)
Running from C:\Users\marti\Desktop
Loaded Profiles: martin (Available Profiles: martin)
Platform: Windows 10 Pro Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(BitTorrent Inc.) C:\Users\marti\AppData\Roaming\BitTorrent\BitTorrent.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(BitTorrent Inc.) C:\Users\marti\AppData\Roaming\BitTorrent\updates\7.9.9_42974\bittorrentie.exe
(BitTorrent Inc.) C:\Users\marti\AppData\Roaming\BitTorrent\updates\7.9.9_42974\bittorrentie.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [45056 2006-12-27] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [143360 2007-05-29] (NewSoft)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\Run: [BitTorrent] => C:\Users\marti\AppData\Roaming\BitTorrent\BitTorrent.exe [2149064 2016-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2023712 2016-07-27] (IObit)
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\MountPoints2: {02b085b5-b622-11e5-9bf6-74e543bfdfa1} - "D:\setup.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWoW64\nvinit.dll => C:\WINDOWS\SysWoW64\nvinit.dll [155280 2015-07-30] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-11-01]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e09b0b50-7d49-4a2d-9add-259585fb0905}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f8d79c91-f26e-40cb-94a7-7b5647f68532}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xabtytar.default
FF ProfilePath: C:\Users\marti\AppData\Roaming\Mozilla\Firefox\Profiles\xabtytar.default [2016-12-03]
FF user.js: detected! => C:\Users\marti\AppData\Roaming\Mozilla\Firefox\Profiles\xabtytar.default\user.js [2016-11-07]
FF Homepage: Mozilla\Firefox\Profiles\xabtytar.default -> hxxp://www.google.sk
FF NetworkProxy: Mozilla\Firefox\Profiles\xabtytar.default -> type", 0
FF Extension: (Plná Peněženka Lištička) - C:\Users\marti\AppData\Roaming\Mozilla\Firefox\Profiles\xabtytar.default\Extensions\@plnapenezenkacz-firefox-extension.xpi [2016-11-26]
FF Extension: (Firefox Hotfix) - C:\Users\marti\AppData\Roaming\Mozilla\Firefox\Profiles\xabtytar.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Adblock Plus) - C:\Users\marti\AppData\Roaming\Mozilla\Firefox\Profiles\xabtytar.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-26]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-30] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-508772658-3191935093-2950071269-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\marti\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default [2016-06-22]
CHR Extension: (Dokumenty Google) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-16]
CHR Extension: (Disk Google) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-30]
CHR Extension: (YouTube) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-16]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-05-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Skype) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-30]
CHR Extension: (Iomods) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Gmail) - C:\Users\marti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [452384 2016-07-25] (IObit)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-07-20] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2141192 2016-09-30] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2206224 2016-09-30] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2016-01-09] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2015-08-16] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S1 tzxemtil; C:\WINDOWS\system32\drivers\tzxemtil.sys [55168 2016-12-03] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 cpuz138; \??\C:\Users\marti\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-03 10:35 - 2016-12-03 10:36 - 00014330 _____ C:\Users\marti\Desktop\FRST.txt
2016-12-03 10:33 - 2016-12-03 10:33 - 02411520 _____ (Farbar) C:\Users\marti\Desktop\FRST64.exe
2016-12-03 10:25 - 2016-12-03 10:25 - 00002480 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_martin
2016-12-03 10:25 - 2016-12-03 10:25 - 00000290 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_martin.job
2016-12-03 07:41 - 2016-12-03 07:41 - 00092666 _____ C:\Users\marti\Downloads\Ben-Hur(0000279959).srt
2016-12-03 06:11 - 2016-12-03 06:11 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tzxemtil.sys
2016-12-03 06:08 - 2016-12-03 06:08 - 170848590 _____ C:\Users\marti\Downloads\FF7cz_v1.2.2.zip
2016-12-02 10:46 - 2016-12-03 07:40 - 00000000 ____D C:\Users\marti\AppData\LocalLow\BitTorrent
2016-12-01 22:49 - 2016-12-01 22:50 - 18598991 _____ C:\Users\marti\Downloads\rld-ff7.7z
2016-12-01 22:43 - 2016-12-01 22:43 - 00000000 ____D C:\Users\marti\Documents\Square Enix
2016-12-01 22:36 - 2016-12-01 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy VII
2016-12-01 22:31 - 2016-12-03 06:38 - 00000113 _____ C:\Users\marti\AppData\Local\TempDiskpartScript.txt
2016-12-01 22:29 - 2016-12-01 22:29 - 00000896 _____ C:\Users\Public\Desktop\Final Fantasy VII Enhanced CZ.lnk
2016-12-01 22:29 - 2016-12-01 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Final Fantasy VII Enhanced CZ
2016-12-01 16:17 - 2016-12-01 16:17 - 00000000 ____D C:\Users\marti\AppData\Roaming\Frogwares
2016-12-01 16:17 - 2016-12-01 16:17 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-12-01 16:12 - 2016-12-01 16:12 - 00001092 _____ C:\Users\Public\Desktop\The Testament of Sherlock Holmes.lnk
2016-12-01 16:12 - 2016-12-01 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
2016-12-01 12:09 - 2016-12-01 12:10 - 12892134 _____ C:\Users\marti\Downloads\The-Testament-of-Sherlock-Holmes-CEŠTINA-BY-SALIERI.rar
2016-12-01 12:06 - 2016-12-01 12:09 - 51580149 _____ C:\Users\marti\Downloads\The-Testament-of-Sherlock-Holmes---čeština.rar
2016-11-29 22:09 - 2016-11-29 22:10 - 49047031 _____ C:\Users\marti\Downloads\FM.17.Crack.Only.V1-MKDEV.rar
2016-11-29 21:57 - 2016-11-29 21:57 - 00003082 _____ C:\WINDOWS\System32\Tasks\SmartDefrag_Update
2016-11-29 21:50 - 2016-11-29 21:50 - 03910208 _____ C:\Users\marti\Desktop\adwcleaner_6.030.exe
2016-11-29 21:34 - 2016-11-29 21:34 - 00000000 ____H C:\asc_rdflag
2016-11-29 21:19 - 2016-12-02 10:45 - 00002248 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-11-29 21:19 - 2016-11-29 21:19 - 00003298 _____ C:\WINDOWS\System32\Tasks\ASC9_PerformanceMonitor
2016-11-29 21:19 - 2016-11-29 21:19 - 00002426 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_martin
2016-11-29 21:19 - 2016-11-29 21:19 - 00001445 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-11-29 21:19 - 2016-11-29 21:19 - 00000250 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_martin.job
2016-11-27 07:24 - 2016-11-27 07:24 - 00000000 ____D C:\Users\marti\AppData\Local\Apple Computer
2016-11-27 07:23 - 2016-11-29 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-27 07:23 - 2016-11-27 07:23 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-27 07:23 - 2016-11-27 07:23 - 00000000 ____D C:\Program Files\iPod
2016-11-27 07:22 - 2016-11-29 21:46 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-27 07:22 - 2016-11-27 07:22 - 00000000 ____D C:\Users\marti\AppData\Local\Apple
2016-11-27 07:21 - 2016-11-29 21:46 - 00000000 ____D C:\ProgramData\Apple
2016-11-26 17:52 - 2016-11-29 21:55 - 146808832 _____ C:\Users\marti\Documents\CSGO_Changer.img
2016-11-26 17:48 - 2016-11-26 17:48 - 00000000 ____D C:\ProgramData\SoftPerfect
2016-11-26 17:43 - 2016-11-26 17:43 - 04332773 _____ C:\Users\marti\Desktop\CSGO Changer (1).rar
2016-11-18 11:36 - 2016-12-03 10:25 - 00000000 ____D C:\Users\marti\AppData\LocalLow\Mozilla
2016-11-18 09:15 - 2016-12-01 11:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-13 18:16 - 2016-11-13 18:16 - 00046548 _____ C:\Users\marti\Downloads\The.Exorcist.S01E07.HDTV.XviD-AFG.srt
2016-11-11 20:03 - 2016-10-29 00:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-11-11 20:03 - 2016-10-29 00:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-09 09:07 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 09:07 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 09:07 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 09:07 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 09:07 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 09:07 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 09:07 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 09:07 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 09:07 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 09:07 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 09:07 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 09:07 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 09:07 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 09:07 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 09:07 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 09:07 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 09:07 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 09:07 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 09:07 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 09:07 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 09:07 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 09:07 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 09:07 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 09:07 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-09 09:07 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-09 09:07 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 09:07 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 09:07 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 09:07 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 09:07 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 09:07 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 09:07 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 09:07 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 09:07 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 09:07 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 09:07 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 09:07 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 09:07 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 09:07 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 09:07 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 09:07 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 09:07 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 09:07 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 09:07 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 09:07 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 09:07 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 09:07 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 09:07 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 09:07 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 09:07 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 09:07 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 09:07 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 09:07 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 09:07 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 09:07 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 09:07 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 09:07 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 09:06 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 09:06 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 09:06 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 09:06 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 09:06 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 09:06 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 09:06 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 09:06 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 09:06 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 09:06 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 09:06 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 09:06 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 09:06 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 09:06 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 09:06 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 09:06 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 09:06 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 09:06 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 09:06 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 09:06 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 09:06 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 09:06 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 09:06 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 09:06 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 09:06 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 09:06 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 09:06 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 09:06 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 09:06 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 09:06 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 09:06 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 09:06 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 09:06 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 09:06 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 09:06 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 09:06 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 09:06 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 09:06 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 09:06 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 09:06 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 09:06 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 09:06 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 09:06 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 09:06 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 09:06 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 09:06 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 09:06 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 09:06 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 09:05 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 09:05 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 09:05 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 09:05 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 09:05 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 09:05 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 09:05 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 09:05 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 09:05 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 09:05 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 09:05 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 09:05 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 09:05 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 09:05 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 09:05 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 09:05 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 09:05 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 09:05 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 09:05 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 09:05 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 09:05 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 09:05 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 09:05 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 09:05 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 09:05 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 09:05 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 09:05 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 09:05 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 09:05 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 09:05 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 09:05 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 09:05 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-09 09:05 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 09:05 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 09:05 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 09:05 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 09:05 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 09:05 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 09:05 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 09:04 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 09:04 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 09:04 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 09:04 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 09:04 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 09:04 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 09:04 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 09:04 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 09:04 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 09:04 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 09:04 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 09:04 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 09:04 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 09:04 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 09:04 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 09:04 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 09:04 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 09:04 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 09:04 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 09:04 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 09:04 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 09:04 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 09:04 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 09:04 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 09:04 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 09:04 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 09:04 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 09:04 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 09:04 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 09:04 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 09:04 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 09:04 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 09:04 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 09:04 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 09:04 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 09:04 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 09:04 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 09:04 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 09:04 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 09:04 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 09:04 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 09:04 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 09:04 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 09:04 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 09:04 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 09:04 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 09:04 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 09:04 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 09:04 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 09:04 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 09:04 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 09:04 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 09:04 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 09:04 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 09:04 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 09:04 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 09:03 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 09:03 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 09:03 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 09:03 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 09:03 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 09:03 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 09:03 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 09:03 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 09:03 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 09:03 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 09:03 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 09:03 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 09:03 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 09:03 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 09:03 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 09:03 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 09:03 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 09:03 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 09:03 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 09:03 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 09:03 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 09:03 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 09:03 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 09:03 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 09:03 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 09:03 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 09:03 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 09:03 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 09:03 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 09:03 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 09:03 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 09:03 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 09:03 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 09:03 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 09:03 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 09:03 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 09:03 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 09:03 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 09:03 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 09:03 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 09:03 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 09:03 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 09:03 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 09:03 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 09:03 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 09:03 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 09:03 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 09:03 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 09:03 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 09:03 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 09:03 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 09:03 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 09:03 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 09:03 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 09:03 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 09:03 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 09:03 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 09:03 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-07 14:49 - 2016-11-07 14:49 - 05304320 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2016-11-06 19:12 - 2016-11-06 19:12 - 05304320 _____ C:\WINDOWS\system32\config\DRIVERS.iobit

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-03 10:35 - 2016-01-01 14:52 - 00000000 ____D C:\FRST
2016-12-03 10:35 - 2015-07-30 12:49 - 00000000 ____D C:\Users\marti\AppData\Roaming\BitTorrent
2016-12-03 10:26 - 2015-10-17 11:51 - 00000000 ____D C:\Users\marti\AppData\Roaming\Skype
2016-12-03 10:26 - 2015-08-02 10:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-03 10:25 - 2016-08-04 13:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-03 09:56 - 2016-01-06 09:14 - 00001136 _____ C:\Users\marti\Desktop\nativelog.txt
2016-12-03 09:31 - 2015-10-04 06:52 - 00000000 ____D C:\Users\marti\AppData\Roaming\.minecraft
2016-12-03 06:22 - 2016-08-04 13:35 - 00000000 ____D C:\Users\marti
2016-12-02 15:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-02 11:00 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-01 22:58 - 2015-07-30 11:53 - 00000000 ____D C:\Users\marti\AppData\Local\VirtualStore
2016-12-01 19:30 - 2016-05-14 15:33 - 00000000 ____D C:\Users\marti\AppData\Roaming\TS3Client
2016-12-01 16:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-01 16:17 - 2016-08-04 13:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-30 20:53 - 2016-10-16 14:15 - 00000000 ____D C:\Users\marti\AppData\Roaming\MPC-HC
2016-11-30 14:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-30 14:10 - 2015-10-07 11:55 - 00000000 ____D C:\Users\marti\Desktop\game
2016-11-30 12:42 - 2015-08-18 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-29 22:00 - 2016-09-30 19:49 - 00612610 _____ C:\WINDOWS\system32\perfh01B.dat
2016-11-29 22:00 - 2016-09-30 19:49 - 00183500 _____ C:\WINDOWS\system32\perfc01B.dat
2016-11-29 22:00 - 2015-07-30 11:49 - 02162896 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-29 21:55 - 2016-08-04 13:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-29 21:55 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-29 21:54 - 2016-01-01 14:29 - 00000000 ____D C:\AdwCleaner
2016-11-29 21:47 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-29 21:34 - 2016-09-24 08:24 - 79683584 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-11-29 21:34 - 2016-09-24 08:24 - 00405504 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-11-29 21:34 - 2016-09-24 08:24 - 00040960 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-11-29 21:34 - 2016-09-24 08:24 - 00024576 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-11-29 21:19 - 2016-01-01 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-11-29 21:19 - 2016-01-01 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-11-27 15:48 - 2016-05-14 15:47 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-27 08:18 - 2015-07-30 14:39 - 00000000 ____D C:\Users\marti\AppData\Roaming\Apple Computer
2016-11-26 15:47 - 2015-07-30 14:39 - 00000000 ____D C:\ProgramData\ProductData
2016-11-20 11:49 - 2015-10-17 11:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-20 11:49 - 2015-10-17 11:51 - 00000000 ____D C:\ProgramData\Skype
2016-11-19 22:23 - 2015-07-30 12:52 - 00000000 ____D C:\KMPlayer
2016-11-16 17:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-15 16:59 - 2015-10-16 15:09 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-13 18:05 - 2015-07-30 11:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-11 20:12 - 2016-08-04 13:26 - 00203520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-11 20:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-11 20:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-11 20:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-11 20:08 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-11 20:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-11 20:08 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-09 10:27 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 10:19 - 2015-08-19 13:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 10:13 - 2015-08-19 13:02 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-07 12:18 - 2015-10-07 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps

==================== Files in the root of some directories =======

2016-09-27 18:48 - 2016-09-27 19:18 - 0000005 _____ () C:\Users\marti\AppData\Roaming\version.ini
2016-06-23 06:02 - 2016-06-23 06:02 - 0003584 _____ () C:\Users\marti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-01 22:31 - 2016-12-03 06:38 - 0000113 _____ () C:\Users\marti\AppData\Local\TempDiskpartScript.txt
2016-08-04 13:29 - 2016-08-04 13:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-01 18:18 - 2015-11-01 18:24 - 0000825 _____ () C:\ProgramData\hpzinstall.log
2015-12-29 20:50 - 2016-01-01 13:25 - 0001582 _____ () C:\ProgramData\XML

Some files in TEMP:
====================
C:\Users\marti\AppData\Local\Temp\libeay32.dll
C:\Users\marti\AppData\Local\Temp\msvcr120.dll
C:\Users\marti\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-12-02 11:34

==================== End of FRST.txt ============================

Re: Kontrola logu

Napsal: 03 pro 2016 10:45
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Kontrola logu

Napsal: 03 pro 2016 10:55
od Bruno39
# AdwCleaner v6.040 - Log vytvořen 03/12/2016 v 10:54:27
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-02.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : martin - ANKA
# Spuštěno z : C:\Users\marti\Desktop\adwcleaner_6.040.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [16062 Bajty] - [01/01/2016 14:33:50]
C:\AdwCleaner\AdwCleaner[C2].txt - [2133 Bajty] - [01/01/2016 18:21:03]
C:\AdwCleaner\AdwCleaner[C3].txt - [1625 Bajty] - [27/09/2016 19:28:22]
C:\AdwCleaner\AdwCleaner[C4].txt - [1593 Bajty] - [18/10/2016 17:10:40]
C:\AdwCleaner\AdwCleaner[C5].txt - [2609 Bajty] - [29/11/2016 21:54:05]
C:\AdwCleaner\AdwCleaner[S1].txt - [15350 Bajty] - [01/01/2016 14:29:57]
C:\AdwCleaner\AdwCleaner[S2].txt - [1927 Bajty] - [01/01/2016 18:17:52]
C:\AdwCleaner\AdwCleaner[S3].txt - [1879 Bajty] - [27/09/2016 19:28:10]
C:\AdwCleaner\AdwCleaner[S4].txt - [1853 Bajty] - [18/10/2016 17:10:30]
C:\AdwCleaner\AdwCleaner[S5].txt - [2782 Bajty] - [29/11/2016 21:53:40]
C:\AdwCleaner\AdwCleaner[S6].txt - [1939 Bajty] - [03/12/2016 10:54:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [2012 Bajty] ##########

Re: Kontrola logu

Napsal: 03 pro 2016 11:15
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\MountPoints2: {02b085b5-b622-11e5-9bf6-74e543bfdfa1} - "D:\setup.exe"
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
C:\Program Files (x86)\Skype\Toolbars
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
C:\Users\marti\AppData\Roaming\version.ini
C:\Users\marti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\marti\AppData\Local\Temp
Task: {394BFF1C-A867-4BF2-8C9B-430871414FCA} - System32\Tasks\KMSpico Update => Wscript.exe //nologo //B //E:jscript "C:\Users\marti\AppData\Roaming\KMSpico\settings.ini" <==== ATTENTION
Task: C:\WINDOWS\Tasks\KMSpico Update.job => Wscript.exe O/nologo /B /E:jscript C:\Users\marti\AppData\Roaming\KMSpico\settings.ini <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Doporučuji odinstalovat AdvancedSystemCare. Tento optimizer občas vidí chyby o tam, kde nejsou a laik si jím snadno může poškodit systém.

Re: Kontrola logu

Napsal: 03 pro 2016 11:33
od Bruno39
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-12-2016
Ran by martin (03-12-2016 11:20:29) Run:2
Running from C:\Users\marti\Desktop
Loaded Profiles: martin (Available Profiles: martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-508772658-3191935093-2950071269-1001\...\MountPoints2: {02b085b5-b622-11e5-9bf6-74e543bfdfa1} - "D:\setup.exe"
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
C:\Program Files (x86)\Skype\Toolbars
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
C:\Users\marti\AppData\Roaming\version.ini
C:\Users\marti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\marti\AppData\Local\Temp
Task: {394BFF1C-A867-4BF2-8C9B-430871414FCA} - System32\Tasks\KMSpico Update => Wscript.exe //nologo //B //E:jscript "C:\Users\marti\AppData\Roaming\KMSpico\settings.ini" <==== ATTENTION
Task: C:\WINDOWS\Tasks\KMSpico Update.job => Wscript.exe O/nologo /B /E:jscript C:\Users\marti\AppData\Roaming\KMSpico\settings.ini <==== ATTENTION

EmptyTemp:
End
*****************

"HKU\S-1-5-21-508772658-3191935093-2950071269-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02b085b5-b622-11e5-9bf6-74e543bfdfa1}" => key removed successfully
HKCR\CLSID\{02b085b5-b622-11e5-9bf6-74e543bfdfa1} => key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
C:\WINDOWS\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\Users\marti\AppData\Roaming\version.ini => moved successfully
C:\Users\marti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\marti\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{394BFF1C-A867-4BF2-8C9B-430871414FCA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{394BFF1C-A867-4BF2-8C9B-430871414FCA}" => key removed successfully
C:\WINDOWS\System32\Tasks\KMSpico Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSpico Update" => key removed successfully
C:\WINDOWS\Tasks\KMSpico Update.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 89267336 B
Java, Flash, Steam htmlcache => 247434440 B
Windows/system/drivers => 45286214 B
Edge => 27890078 B
Chrome => 2656342 B
Firefox => 392387272 B
Opera => 9706208 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1750388 B
NetworkService => 102485420 B
marti => 2209809 B

RecycleBin => 0 B
EmptyTemp: => 878.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:27:15 ====

Re: Kontrola logu

Napsal: 03 pro 2016 15:04
od Rudy
Smazáno. Nastala nějaká změna?

Re: Kontrola logu

Napsal: 04 pro 2016 20:16
od Bruno39
V mozzile to stale trosku seka

Re: Kontrola logu

Napsal: 04 pro 2016 20:19
od Rudy
Zkusíme vyčistit prohlížeče. Spusťte tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz