VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

malware

https://forum.viry.cz:443/viewtopic.php?t=152122

Stránka 1 z 1

malware

Napsal: 17 kvě 2017 12:18
od Mato1357
Zdravicko, prosim vas o pomoc s problemom:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by Martin (administrator) on MATOWORK1 (17-05-2017 13:05:59)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Opera Software) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe
(hxxp://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe
(forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-10-21] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [228568 2015-06-25] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6623112 2016-10-05] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {035dde46-a0fd-11e6-8300-7429af9347ea} - "G:\Setup.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {035dde66-a0fd-11e6-8300-7429af9347ea} - "G:\Setup.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {0f3d5ee8-2b1d-11e7-831a-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {39915a8f-d81b-11e6-8311-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {5c87fae5-d2ab-11e6-8311-7429af9347ea} - "H:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {ad90c208-9d0f-11e6-82fc-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {c49e51e1-79ff-11e6-808c-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {cf1ffbc4-ef70-11e6-8314-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e0f2973c-e85b-11e6-8313-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e5de847a-f831-11e6-8317-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e5de871b-f831-11e6-8317-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e7b47d0a-5251-11e6-82ed-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {f821ce27-c203-11e6-830d-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {f821ce69-c203-11e6-830d-7429af9347ea} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {fd6f1d5f-766b-11e6-808c-7429af9347ea} - "G:\Lenovo_Suite.exe"
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Martin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2017-05-16]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe ()
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-05-16]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (No File)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-05-16]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Martin\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3264591501-1418884257-1146474618-1002] => 217.119.125.102:8081
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.168.1.2 193.86.13.67
Tcpip\..\Interfaces\{aab08217-ac52-4b15-837b-b0dc8d8810a6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b641d0b6-07f3-4d41-9b34-25899fa75301}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b641d0b6-07f3-4d41-9b34-25899fa75301}: [DhcpNameServer] 195.168.1.2 193.86.13.67
Tcpip\..\Interfaces\{f7792e7a-d8b1-47e5-9eb4-e1afc379b9b0}: [DhcpNameServer] 195.168.1.2 193.86.13.67
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/en-us/?pc=U270&ocid=U270DHP
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-16] (Microsoft Corporation)
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF DefaultProfile: w0e025dq.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default [2017-05-17]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\w0e025dq.default -> initialsite123
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\w0e025dq.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\w0e025dq.default -> initialsite123
FF Homepage: Mozilla\Firefox\Profiles\w0e025dq.default -> user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser/
FF Keyword.URL: Mozilla\Firefox\Profiles\w0e025dq.default -> hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Extension: (Bing Search) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-05]
FF Extension: (Firefox Hotfix) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-02-25]
FF Extension: (SQLite Manager) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2017-02-25]
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default\searchplugins\bing-.xml [2016-09-05]
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3264591501-1418884257-1146474618-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3264591501-1418884257-1146474618-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HomePage: ChromeDefaultData2 -> msn.com
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.initialsite123.com/?z=30971dc954d96 ... 55&type=hp"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.initialsite123.com/search/?q={searc ... 55&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData2 -> 82initialsite123
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-05-17] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-07]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-07]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Bing) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-05-17]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-16]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (RestMan) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aahelpfcopefplnmnphdochceilphfeb [2016-05-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-09-15] (AOMEI Tech Co., Ltd.) [File not signed]
R2 BIT; C:\ProgramData\BIT\BIT.dll [1857536 2017-05-16] (BIT) [File not signed] <==== ATTENTION
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-29] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-29] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-29] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2014-11-25] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2016-12-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [411936 2015-06-24] (Intel Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-10-21] (Realtek Semiconductor)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2014-03-06] (Dell SonicWALL, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-08-22] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed]
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-26] () [File not signed]
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-26] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-26] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-26] () [File not signed]
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-29] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-28] (Bluestack System Inc. )
S3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [95248 2015-05-12] (Realtek Semiconductor Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [14976 2015-09-23] (ESET)
R1 FNETURPX; C:\WINDOWS\SysWOW64\drivers\FNETURPX.SYS [16648 2015-11-13] (FNet Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-16] (REALiX(tm))
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
S3 leusbser; C:\WINDOWS\system32\DRIVERS\leusbser.sys [238080 2013-08-01] (QUALCOMM Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [624424 2015-12-11] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [772336 2015-09-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2017-03-09] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6294016 2017-02-01] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-04-08] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-08] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 SWIPsec; C:\WINDOWS\system32\Drivers\SWIPsec.sys [110064 2014-03-06] (Dell SonicWALL, Inc.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Re: malware

Napsal: 17 kvě 2017 12:19
od Mato1357
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-17 13:05 - 2017-05-17 13:06 - 00031591 _____ C:\Users\Martin\Desktop\FRST.txt
2017-05-17 13:05 - 2017-05-17 13:05 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2017-05-17 13:05 - 2017-05-17 13:05 - 00000000 ____D C:\FRST
2017-05-17 13:04 - 2017-05-17 13:05 - 02429952 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2017-05-17 12:16 - 2017-05-17 12:16 - 00000022 _____ C:\WINDOWS\S.dirmngr
2017-05-17 11:52 - 2017-05-17 12:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Ankeward
2017-05-17 11:52 - 2017-05-17 11:52 - 00000000 ____D C:\Users\Martin\AppData\Local\Kupezoperty
2017-05-17 11:52 - 2017-05-17 11:52 - 00000000 ____D C:\Program Files (x86)\Reerdly
2017-05-17 11:52 - 2017-05-17 11:52 - 00000000 ____D C:\Program Files (x86)\Bijile Verfier
2017-05-17 11:51 - 2017-05-17 12:15 - 00000000 ____D C:\Program Files (x86)\YoutubeAdBlockIE
2017-05-17 11:51 - 2017-05-17 11:51 - 00000000 ____D C:\Program Files (x86)\YoutubeAdBlockUn
2017-05-17 11:51 - 2017-05-17 11:51 - 00000000 ____D C:\Program Files (x86)\YoutubeAdBlockU
2017-05-16 21:02 - 2017-05-16 20:46 - 326133208 _____ C:\Users\Martin\Desktop\soul.mov
2017-05-16 20:58 - 2017-05-16 20:59 - 08583187 _____ C:\Users\Martin\Desktop\z3soul.mp4
2017-05-16 13:22 - 2017-05-16 13:26 - 00000000 ____D C:\Users\Martin\Desktop\z3
2017-05-16 13:01 - 2017-05-17 12:48 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-05-16 12:51 - 2017-05-16 20:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\HandBrake
2017-05-16 12:51 - 2017-05-16 12:51 - 00000000 ____D C:\Users\Martin\AppData\Roaming\HandBrake Team
2017-05-16 12:50 - 2017-05-16 12:50 - 10468271 _____ C:\Users\Martin\Desktop\HandBrake-1.0.7-x86_64-Win_GUI.exe
2017-05-16 12:50 - 2017-05-16 12:50 - 00000872 _____ C:\Users\Martin\Desktop\HandBrake.lnk
2017-05-16 12:50 - 2017-05-16 12:50 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2017-05-16 12:50 - 2017-05-16 12:50 - 00000000 ____D C:\Program Files\HandBrake
2017-05-16 12:13 - 2017-05-16 12:13 - 00000290 __RSH C:\Users\Martin\ntuser.pol
2017-05-16 12:10 - 2017-05-16 12:13 - 00000080 _____ C:\Users\Martin\Desktop\e-MAJETOK.exe - odkaz.lnk
2017-05-16 11:54 - 2017-05-16 12:10 - 00000000 ____D C:\ProgramData\Microleaves
2017-05-16 11:51 - 2017-05-16 12:10 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microleaves
2017-05-16 11:51 - 2017-05-16 11:51 - 00000020 _____ C:\ServiceLog.txt
2017-05-16 11:51 - 2017-05-16 11:51 - 00000000 ____D C:\Users\Martin\AppData\Roaming\VDI
2017-05-16 11:51 - 2017-05-16 11:51 - 00000000 ____D C:\Users\Martin\AppData\Local\AdvinstAnalytics
2017-05-16 11:49 - 2017-05-16 11:49 - 00000000 ____D C:\ProgramData\BIT
2017-05-16 11:49 - 2017-05-16 11:49 - 00000000 ____D C:\Program Files (x86)\MIO
2017-05-16 11:47 - 2017-05-16 12:49 - 00000000 ____D C:\Program Files (x86)\Total Video Converter
2017-05-16 11:47 - 2017-05-16 11:47 - 00140800 _____ C:\Users\Martin\AppData\Local\installer.dat
2017-05-16 11:47 - 2017-05-16 11:47 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-05-16 11:47 - 2017-05-16 11:47 - 00011568 _____ C:\Users\Martin\AppData\Local\InstallationConfiguration.xml
2017-05-16 10:55 - 2017-05-16 10:55 - 00070656 ___SH (www.helixcommunity.org) C:\WINDOWS\SysWOW64\i420vfw.dll
2017-05-16 10:55 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\WINDOWS\SysWOW64\avisynth.dll
2017-05-16 10:55 - 2005-07-14 12:31 - 00032256 ___SH C:\WINDOWS\SysWOW64\AVSredirect.dll
2017-05-16 10:55 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\WINDOWS\SysWOW64\devil.dll
2017-05-16 10:55 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\WINDOWS\SysWOW64\yv12vfw.dll
2017-05-16 10:50 - 2017-05-16 10:50 - 00000000 ____D C:\Users\Martin\Documents\eRightSoft
2017-05-16 10:48 - 2017-05-16 11:42 - 00000000 ____D C:\ProgramData\ProductData
2017-05-16 10:48 - 2017-05-16 10:49 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\IObit
2017-05-16 10:48 - 2017-05-16 10:48 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2017-05-16 10:48 - 2017-05-16 10:48 - 00000000 ____D C:\WINDOWS\IObit
2017-05-16 10:48 - 2017-05-16 10:48 - 00000000 ____D C:\ProgramData\IObit
2017-05-16 10:47 - 2017-05-17 11:51 - 00000290 __RSH C:\ProgramData\ntuser.pol
2017-05-16 10:47 - 2017-05-16 12:12 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Bumudom
2017-05-16 10:47 - 2017-05-16 10:48 - 00000000 ____D C:\Users\Martin\AppData\Local\Shovusgrootain
2017-05-16 10:47 - 2017-05-16 10:47 - 00078848 _____ C:\WINDOWS\Manager.exe
2017-05-16 10:47 - 2017-05-16 10:47 - 00000000 ____D C:\Users\Martin\AppData\Roaming\IObit
2017-05-16 10:47 - 2017-05-16 10:47 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2017-05-16 10:47 - 2016-05-05 13:23 - 00556216 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avutil-lav-55.dll
2017-05-16 10:47 - 2016-05-05 13:23 - 00537784 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\swscale-lav-4.dll
2017-05-16 10:47 - 2016-05-05 13:23 - 00405176 __RSH (Intel Corp.) C:\WINDOWS\SysWOW64\IntelQuickSyncDecoder.dll
2017-05-16 10:47 - 2016-05-05 13:23 - 00276152 __RSH C:\WINDOWS\SysWOW64\libbluray.dll
2017-05-16 10:47 - 2016-05-05 13:23 - 00000493 __RSH C:\WINDOWS\SysWOW64\LAVFilters.Dependencies.manifest
2017-05-16 10:47 - 2016-05-05 13:22 - 10766520 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avcodec-lav-57.dll
2017-05-16 10:47 - 2016-05-05 13:22 - 01699000 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avformat-lav-57.dll
2017-05-16 10:47 - 2016-05-05 13:22 - 00188088 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avfilter-lav-6.dll
2017-05-16 10:47 - 2016-05-05 13:22 - 00160440 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avresample-lav-3.dll
2017-05-16 10:47 - 2012-10-05 19:54 - 00188416 ___SH C:\WINDOWS\SysWOW64\winDCE32.dll
2017-05-16 10:47 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\WINDOWS\SysWOW64\pncrt.dll
2017-05-16 10:47 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\drvc.dll
2017-05-16 10:47 - 2004-04-05 10:31 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2017-05-16 10:47 - 2004-04-05 10:31 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2017-05-16 10:46 - 2017-05-16 11:47 - 00000000 ____D C:\Program Files (x86)\Grutuphkevi
2017-05-16 10:31 - 2017-05-16 10:31 - 00000000 ____D C:\Users\Martin\Documents\EOS
2017-05-16 10:17 - 2017-05-16 10:31 - 00000000 ____D C:\Users\Martin\Desktop\Nový priečinok (17)
2017-05-16 10:14 - 2017-05-16 10:14 - 00000000 ____D C:\Users\Martin\AppData\Local\Movavi
2017-05-16 10:14 - 2017-05-16 10:14 - 00000000 ____D C:\Users\Martin\AppData\Local\converter
2017-05-16 10:14 - 2017-05-16 10:14 - 00000000 ____D C:\Users\Martin\.fontconfig
2017-05-16 10:13 - 2017-05-16 10:13 - 00005107 _____ C:\ProgramData\mudtcpaz.vzs
2017-05-16 10:13 - 2017-05-16 10:13 - 00000016 _____ C:\ProgramData\mntemp
2017-05-16 10:13 - 2017-05-16 10:13 - 00000000 ____D C:\ProgramData\Movavi Video Converter 17
2017-05-16 10:13 - 2017-05-16 10:13 - 00000000 ____D C:\ProgramData\Movavi
2017-05-15 15:47 - 2017-05-15 15:55 - 00000057 _____ C:\Users\Martin\Desktop\Nový textový dokument (6).txt
2017-05-12 16:42 - 2017-05-12 16:42 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field (5).zip
2017-05-12 16:42 - 2017-05-12 16:42 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field (4).zip
2017-05-12 16:42 - 2017-05-12 16:42 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field (3).zip
2017-05-12 16:42 - 2017-05-12 16:42 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field (2).zip
2017-05-12 16:40 - 2017-05-12 16:40 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field.zip
2017-05-12 16:40 - 2017-05-12 16:40 - 00073507 _____ C:\Users\Martin\Downloads\DataGridFilterLibrary_src_VS2010_default value in filter column field (1).zip
2017-05-11 15:05 - 2017-05-11 15:05 - 00001594 _____ C:\WINDOWS\VPNInstall.MIF
2017-05-11 15:05 - 2017-05-11 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Systems VPN Client
2017-05-11 15:05 - 2017-05-11 15:05 - 00000000 ____D C:\Program Files (x86)\Cisco Systems
2017-05-11 15:03 - 2017-05-11 15:05 - 00000000 ____D C:\Users\Martin\Desktop\Nový priečinok (11)
2017-05-11 14:51 - 2017-05-11 14:51 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dell SonicWALL
2017-05-11 14:50 - 2017-05-16 12:14 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global VPN Client.lnk
2017-05-11 14:50 - 2017-05-11 14:50 - 00000000 ____D C:\Program Files\Dell SonicWALL
2017-05-11 14:50 - 2014-03-06 15:11 - 00110064 _____ (Dell SonicWALL, Inc.) C:\WINDOWS\system32\Drivers\SWIPsec.sys
2017-05-11 14:47 - 2017-05-11 14:47 - 00000000 ____D C:\Program Files\Common Files\Deterministic Networks
2017-05-11 14:46 - 2017-05-11 14:46 - 05008407 _____ C:\Users\Martin\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9.zip
2017-05-11 14:46 - 2017-05-11 14:46 - 00000000 ____D C:\Users\Martin\Downloads\vpnclient-winx64-msi-5.0.07.0440-k9
2017-05-11 14:45 - 2017-05-11 14:45 - 00000765 _____ C:\Users\Martin\Desktop\BSK_C.PCF
2017-05-11 14:44 - 2017-05-11 14:44 - 00784281 _____ C:\Users\Martin\Downloads\dneupdate64.zip
2017-05-10 12:37 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 12:37 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 12:37 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 12:37 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 12:37 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 12:37 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 12:37 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 12:37 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 12:37 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 12:37 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 12:37 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 12:37 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 12:37 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 12:37 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 12:37 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 12:37 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 12:37 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 12:37 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 12:37 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 12:37 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 12:37 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 12:37 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 12:37 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 12:37 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 12:37 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 12:37 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 12:37 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 12:37 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 12:37 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 12:36 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 12:36 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 12:36 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 12:36 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 12:36 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 12:36 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 12:36 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 12:36 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 12:36 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 12:36 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 12:36 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 12:36 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 12:36 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 12:36 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 12:36 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 12:36 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 12:36 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 12:36 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 12:36 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 12:36 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 12:36 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 12:36 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 12:36 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 12:36 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 12:36 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 12:36 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 12:36 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 12:36 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 12:36 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 12:36 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 12:36 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 12:36 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 12:36 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 12:36 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 12:36 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 12:36 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 12:36 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 12:36 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 12:36 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 12:36 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 12:36 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 12:36 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 12:36 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 12:36 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 12:36 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 12:36 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 12:36 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 12:36 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 12:36 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 12:36 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 12:36 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 12:36 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 12:36 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 12:36 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 12:36 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 12:36 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 12:36 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 12:36 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 12:36 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 12:36 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 12:36 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 12:36 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 12:36 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 12:36 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 12:36 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 12:36 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 12:36 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 12:36 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 12:36 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 12:36 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 12:36 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 12:36 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 12:36 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 12:36 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 12:36 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 12:36 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 12:36 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 12:36 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 12:36 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 12:36 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 12:36 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 12:36 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 12:36 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 12:36 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 12:36 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 12:36 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 12:36 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 12:36 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 12:36 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 12:36 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 12:36 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 12:36 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 12:36 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 12:36 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 12:36 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 12:36 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 12:36 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 12:36 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 12:36 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 12:36 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 12:36 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 12:36 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 12:36 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 12:36 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 12:36 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 12:36 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 12:36 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 12:36 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 12:36 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-05-10 12:36 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 12:36 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 12:36 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-05-10 12:36 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 12:36 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 12:36 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 12:36 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 12:36 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 12:36 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 12:36 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 12:36 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 12:36 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-10 12:36 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 12:36 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 12:36 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 12:36 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 12:36 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 12:36 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 12:36 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 12:36 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 12:36 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 12:36 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 12:36 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 12:36 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 12:36 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 12:36 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 12:36 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 12:36 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 12:36 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 12:36 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 12:36 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 12:36 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 12:36 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 12:36 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 12:36 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 12:36 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 12:36 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 12:36 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 12:36 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 12:36 - 2017-04-28 01:42 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-05-10 12:36 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 12:36 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 12:36 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 12:36 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 12:36 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 12:36 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 12:36 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 12:36 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 12:36 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 12:36 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 12:36 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 12:36 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 12:36 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 12:36 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 12:36 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 12:36 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 12:36 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 12:36 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 12:36 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 12:36 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 12:36 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 12:36 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 12:36 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 12:36 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 12:36 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 12:36 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 12:36 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 12:36 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 12:36 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 12:36 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 12:36 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 12:36 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 12:36 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 12:36 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 12:36 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 12:36 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 12:36 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 12:36 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 12:36 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 12:36 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 12:35 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 12:35 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 12:35 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 12:35 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 12:35 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 12:35 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 12:35 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 12:35 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 12:35 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 12:35 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 12:35 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 12:35 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 12:35 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 12:35 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 12:35 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 12:35 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 12:35 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 12:35 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 12:35 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 12:35 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 12:35 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 12:35 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 12:35 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 12:35 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 12:35 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 12:35 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 12:35 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 12:35 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 12:35 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 12:35 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 12:35 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 12:35 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 12:35 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 12:35 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 12:35 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 12:35 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 12:35 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 12:35 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 12:35 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 12:35 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 12:35 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 12:35 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 12:35 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 12:35 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 12:35 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 12:35 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 12:35 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 12:35 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 12:35 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 12:35 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 12:35 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 12:35 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 12:35 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 12:35 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 12:35 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 12:35 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 12:35 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 12:35 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 12:35 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 12:35 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 12:35 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 12:35 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 12:35 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 12:35 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 12:35 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 12:35 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 12:35 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 12:35 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 12:35 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 12:35 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 12:35 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 12:35 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 12:35 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 12:35 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 12:35 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 12:35 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 12:35 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 12:35 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 12:35 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 12:35 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 12:35 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 12:35 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 12:35 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 12:35 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 12:35 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 12:35 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 12:35 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 12:35 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 12:35 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 12:35 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 12:35 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 12:35 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 12:35 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 12:35 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 12:35 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 12:35 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 12:35 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 12:35 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 12:35 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 12:35 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 12:35 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 12:35 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 12:35 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 12:35 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 12:35 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 12:35 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 12:35 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 12:35 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 12:35 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 12:35 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 12:35 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 12:35 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 12:35 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 12:35 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 12:35 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 12:35 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 12:35 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 12:35 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 12:35 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 12:35 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 12:35 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 12:35 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 12:35 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 12:35 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 12:35 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-06 22:15 - 2017-05-06 22:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Kodi
2017-05-03 10:33 - 2017-05-04 11:14 - 00000000 ____D C:\Users\Martin\Desktop\JobsForNextForm
2017-04-28 10:27 - 2017-04-28 10:27 - 00000000 ____D C:\Users\Martin\Desktop\eos
2017-04-26 13:05 - 2017-04-26 13:05 - 05972336 _____ C:\Users\Martin\Desktop\DSC_4179.mp4
2017-04-26 13:02 - 2017-04-26 13:02 - 00728444 _____ C:\Users\Martin\Desktop\VID-20170424-WA0005.mp4
2017-04-25 13:09 - 2017-04-25 13:33 - 00012173 _____ C:\Users\Martin\Desktop\denneHlasenie_2017-04-24.xlsx
2017-04-25 11:02 - 2017-05-16 16:41 - 00000000 ____D C:\Users\Martin\Desktop\2017_4_21_MAJALES RO(C)KU
2017-04-24 11:26 - 2017-04-24 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia
2017-04-24 11:26 - 2017-04-24 11:26 - 00000000 ____D C:\Program Files\DVDVideoMedia

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-17 13:04 - 2015-03-07 18:53 - 00000000 ____D C:\Users\Martin\AppData\Local\TortoiseGit
2017-05-17 12:22 - 2016-09-29 13:48 - 01749574 _____ C:\WINDOWS\system32\perfh01B.dat
2017-05-17 12:22 - 2016-09-29 13:48 - 00521420 _____ C:\WINDOWS\system32\perfc01B.dat
2017-05-17 12:22 - 2016-09-07 09:45 - 04444504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 12:17 - 2016-09-07 09:44 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-17 12:17 - 2015-03-07 18:16 - 00000000 __SHD C:\Users\Martin\IntelGraphicsProfiles
2017-05-17 12:16 - 2016-09-07 09:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-17 12:16 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-17 12:14 - 2016-09-07 09:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-17 11:54 - 2016-11-07 14:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-17 09:49 - 2016-11-14 15:40 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2017-05-17 09:49 - 2016-09-07 09:45 - 00000000 ____D C:\Users\Martin
2017-05-17 09:18 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-17 09:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-16 21:21 - 2016-10-03 14:28 - 00000000 ____D C:\Users\Martin\AppData\Roaming\WhatsApp
2017-05-16 12:34 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-16 12:14 - 2017-03-22 20:43 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BOSS TONE STUDIO for ME-80.lnk
2017-05-16 12:14 - 2017-02-01 10:51 - 00002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symbol EMDK for Android v6.0.lnk
2017-05-16 12:14 - 2016-09-26 20:34 - 00001878 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-05-16 12:14 - 2016-09-26 20:34 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-05-16 12:14 - 2016-09-26 19:29 - 00001505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2017-05-16 12:14 - 2016-09-26 19:26 - 00001514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2017-05-16 12:14 - 2016-09-19 20:21 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-05-16 12:14 - 2016-09-07 09:55 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-16 12:14 - 2016-08-25 16:32 - 00001968 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk
2017-05-16 12:14 - 2016-07-27 18:14 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002570 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-05-16 12:14 - 2016-01-20 10:24 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-05-16 12:14 - 2015-12-09 20:48 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-16 12:14 - 2015-11-27 11:04 - 00002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-05-16 12:14 - 2015-11-19 16:19 - 00002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 12:14 - 2015-11-19 15:45 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-05-16 12:14 - 2015-07-06 13:54 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2017-05-16 12:14 - 2015-06-19 14:05 - 00001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2017-05-16 12:14 - 2015-06-01 16:37 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2017-05-16 12:14 - 2015-05-04 10:34 - 00001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2017-05-16 12:13 - 2017-03-23 22:16 - 00001242 _____ C:\Users\Public\Desktop\TASCAM Hi-Res Editor.lnk
2017-05-16 12:13 - 2017-03-22 20:43 - 00001127 _____ C:\Users\Public\Desktop\BOSS TONE STUDIO for ME-80.lnk
2017-05-16 12:13 - 2017-03-01 17:40 - 00002254 _____ C:\Users\Martin\Desktop\WhatsApp.lnk
2017-05-16 12:13 - 2016-11-30 13:27 - 00002100 _____ C:\Users\Martin\Desktop\cx240.exe.lnk
2017-05-16 12:13 - 2016-11-10 11:10 - 00000850 _____ C:\Users\Public\Desktop\SympatiaAgencyManagement.lnk
2017-05-16 12:13 - 2016-11-07 14:39 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-05-16 12:13 - 2016-10-12 17:07 - 00002152 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk
2017-05-16 12:13 - 2016-10-04 12:34 - 00001935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2017-05-16 12:13 - 2016-10-04 12:34 - 00001929 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2017-05-16 12:13 - 2016-09-29 15:52 - 00001156 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2017-05-16 12:13 - 2016-09-05 16:29 - 00000920 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-05-16 12:13 - 2015-08-13 12:36 - 00001058 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voliteľné funkcie.lnk
2017-05-16 12:13 - 2015-08-13 12:29 - 00002381 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-16 12:13 - 2015-06-19 14:05 - 00001014 _____ C:\Users\Public\Desktop\Arduino.lnk
2017-05-16 12:13 - 2015-06-15 19:38 - 00001274 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Free Sound Recorder.lnk
2017-05-16 12:12 - 2016-09-07 09:43 - 00411224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-16 12:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\tracing
2017-05-16 12:09 - 2016-07-16 08:04 - 00000000 ____D C:\Program Files\Web Gixer
2017-05-16 11:54 - 2015-03-07 20:22 - 00000000 ____D C:\Users\Martin\Documents\Visual Studio 2013
2017-05-16 11:51 - 2016-09-07 10:34 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-16 11:51 - 2015-04-22 11:45 - 00000000 ____D C:\Program Files\Tablet
2017-05-16 11:46 - 2015-03-07 20:44 - 00000000 ____D C:\Program Files (x86)\QXmlEdit
2017-05-16 11:45 - 2016-11-11 19:14 - 00000000 ____D C:\Users\Martin\AppData\Local\Picmeta
2017-05-16 11:45 - 2015-09-27 18:20 - 00000000 ____D C:\Program Files\POV-Ray
2017-05-16 11:44 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 11:43 - 2017-02-27 21:33 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2017-05-16 10:53 - 2016-10-13 16:14 - 00000000 ____D C:\Users\Martin\Documents\SAM
2017-05-16 10:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-05-16 10:46 - 2015-08-03 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-05-16 10:46 - 2015-08-03 17:28 - 00000000 ____D C:\ProgramData\Wondershare
2017-05-16 10:46 - 2015-08-03 17:28 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-05-16 10:35 - 2015-03-07 19:21 - 00000600 _____ C:\Users\Martin\AppData\Roaming\winscp.rnd
2017-05-16 10:21 - 2015-08-03 17:27 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2017-05-16 10:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-16 10:07 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-16 10:06 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-16 10:05 - 2014-11-22 03:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-15 10:33 - 2017-03-16 15:58 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-15 10:33 - 2015-04-15 16:14 - 00000000 ____D C:\ProgramData\Skype
2017-05-15 10:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 15:04 - 2016-01-26 14:23 - 00000000 ____D C:\Users\Martin\Desktop\e-MAJETOKv2.0.0.0
2017-05-11 15:00 - 2015-03-07 18:12 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 14:54 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 14:54 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-11 10:18 - 2016-10-24 11:42 - 00000000 ____D C:\Users\Martin\Desktop\BSK
2017-05-11 10:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-11 10:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 13:20 - 2015-03-07 18:16 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2017-05-10 11:51 - 2015-03-07 18:27 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-05-10 11:35 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 11:30 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-05-10 10:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-10 09:27 - 2016-08-04 16:46 - 00000000 ____D C:\Users\Martin\Documents\Visual Studio 2015
2017-05-10 09:16 - 2015-03-07 20:15 - 00000000 ____D C:\Users\Martin\AppData\Roaming\gnupg
2017-05-09 19:48 - 2015-03-13 11:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-09 19:45 - 2015-03-13 11:51 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-09 19:22 - 2015-03-07 18:24 - 00000000 ____D C:\Program Files (x86)\Opera
2017-05-03 14:34 - 2017-03-01 17:40 - 00000000 ____D C:\Users\Martin\AppData\Local\WhatsApp
2017-05-03 14:34 - 2016-10-03 14:28 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-05-03 14:34 - 2016-10-03 14:28 - 00000000 ____D C:\Users\Martin\AppData\Local\SquirrelTemp
2017-05-02 12:15 - 2015-04-22 11:47 - 00000000 ____D C:\ProgramData\Adobe
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 14:04 - 2017-03-11 20:11 - 00000000 ____D C:\Users\Martin\Desktop\Nový priečinok (2)
2017-04-28 03:01 - 2016-09-07 09:45 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-24 11:25 - 2017-03-23 22:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TASCAM
2017-04-19 10:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-19 10:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-19 10:58 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-19 09:52 - 2015-10-21 10:48 - 00000000 ____D C:\Users\Martin\Documents\Sound recordings

==================== Files in the root of some directories =======

2016-12-01 09:56 - 2016-12-02 18:49 - 0000223 _____ () C:\Users\Martin\AppData\Roaming\Opusbext.dat
2015-03-07 19:21 - 2017-05-16 10:35 - 0000600 _____ () C:\Users\Martin\AppData\Roaming\winscp.rnd
2015-08-24 10:22 - 2017-05-17 12:17 - 0975684 _____ () C:\Users\Martin\AppData\Local\BTServer.log
2016-09-09 15:18 - 2016-09-09 15:18 - 0000000 _____ () C:\Users\Martin\AppData\Local\debuggee.mdmp
2017-05-16 11:47 - 2017-05-16 11:47 - 0011568 _____ () C:\Users\Martin\AppData\Local\InstallationConfiguration.xml
2017-05-16 11:47 - 2017-05-16 11:47 - 0140800 _____ () C:\Users\Martin\AppData\Local\installer.dat
2016-09-28 11:57 - 2016-10-12 14:44 - 0000600 _____ () C:\Users\Martin\AppData\Local\PUTTY.RND
2015-11-13 18:24 - 2015-11-13 18:24 - 0007604 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
2015-07-07 12:11 - 2015-07-07 12:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-11-22 03:04 - 2015-03-08 15:19 - 14959806 _____ () C:\ProgramData\hpcsmmsilogs.log
2014-11-22 03:25 - 2014-11-22 03:25 - 1265084 _____ () C:\ProgramData\hpdam_install_log.txt
2014-11-22 03:25 - 2014-11-22 03:25 - 0573356 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt
2017-05-16 10:13 - 2017-05-16 10:13 - 0000016 _____ () C:\ProgramData\mntemp
2017-05-16 10:13 - 2017-05-16 10:13 - 0005107 _____ () C:\ProgramData\mudtcpaz.vzs
2015-08-24 22:17 - 2015-08-27 10:04 - 1666940 _____ () C:\ProgramData\SynFPRmsiLogs.log

Some files in TEMP:
====================
2017-05-16 10:47 - 2017-05-16 10:47 - 15721672 _____ (IObit ) C:\Users\Martin\AppData\Local\Temp\AD6C.tmp.exe
2017-05-16 10:47 - 2017-05-16 10:47 - 0074240 _____ () C:\Users\Martin\AppData\Local\Temp\DriverBoosterSetup.exe
2016-10-04 17:31 - 2014-03-13 15:06 - 6730304 _____ (Foxit Corporation) C:\Users\Martin\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
2017-05-16 10:47 - 2017-05-16 10:47 - 3020288 _____ (isMiner worker and updater for windows of isMiner inc ) C:\Users\Martin\AppData\Local\Temp\isminer.exe
2017-05-16 11:47 - 2017-05-17 11:47 - 0266752 _____ () C:\Users\Martin\AppData\Local\Temp\prepreinstaller_win.exe
2017-05-16 11:47 - 2017-05-17 11:47 - 2053120 _____ (TODO: <Company name>) C:\Users\Martin\AppData\Local\Temp\starter.exe
2017-03-16 15:56 - 2017-03-16 15:56 - 14456872 _____ (Microsoft Corporation) C:\Users\Martin\AppData\Local\Temp\vc_redist.x86.exe
2011-03-04 12:52 - 2011-03-04 12:52 - 0056832 _____ () C:\Users\Martin\AppData\Local\Temp\vpnclient_setup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Martin\Desktop" je 16925 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: malware

Napsal: 17 kvě 2017 13:04
od altrok
Krasny den Vam preju :bye:



:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan (Skenovani), pote na Clean (Cisteni)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: malware

Napsal: 18 kvě 2017 08:49
od Mato1357
Dakujem za odpoved.
Tak som spravil co ste radili.


# AdwCleaner v6.046 - *Logfile created 18/05/2017 *at 09:46:22
# *Updated on 24/04/2017 by Malwarebytes
# *Database : 2017-05-17.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Martin - MATOWORK1
# *Running from : C:\Users\Martin\Desktop\adwcleaner_6.046.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

[-] *Service deleted: BIT


***** [ *Folders ] *****

[-] *Folder deleted: C:\ProgramData\PC Faster
[-] *Folder deleted: C:\Users\Public\Documents\PC Faster
[-] *Folder deleted: C:\Users\Martin\AppData\Local\Assistant
[-] *Folder deleted: C:\Users\Martin\AppData\Local\DriverToolkit
[-] *Folder deleted: C:\Users\Martin\AppData\Local\AdvinstAnalytics
[-] *Folder deleted: C:\Users\Martin\AppData\Roaming\VDI
[-] *Folder deleted: C:\Users\Martin\AppData\Roaming\Microleaves
[-] *Folder deleted: C:\ProgramData\iwin games
[#] *Folder deleted on reboot: C:\ProgramData\pc faster
[-] *Folder deleted: C:\ProgramData\Microleaves
[-] *Folder deleted: C:\ProgramData\Auslogics
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iwin games
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[#] *Folder deleted on reboot: C:\Users\Public\Documents\pc faster
[-] *Folder deleted: C:\Program Files (x86)\DriverToolkit
[-] *Folder deleted: C:\Program Files (x86)\Auslogics
[-] *Folder deleted: C:\Program Files (x86)\YoutubeAdBlockU
[-] *Folder deleted: C:\Users\Martin\AppData\Local\Temp\VideoConverter
[-] *Folder deleted: C:\ProgramData\BIT


***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****

[-] *Task deleted: PC Faster
[-] *Task deleted: Microsoft\Windows\Multimedia\Manager


***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{635ADC07-6F19-42A7-8043-EDD19678CE14}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{ED87E2F4-838D-46BA-BFD9-DFA28310934B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{5582B980-DB2C-4894-9DC1-B9678ADD286D}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{81CA8FCD-1420-4A07-B47D-B30F3DDA79E1}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{44E6B68E-8DA5-4093-921B-7275E5B3906A}
[-] *Key deleted: HKU\.DEFAULT\Software\xvtrzx
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\DriverToolkit
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Installer
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\PC
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Amigo
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Event Monitor
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\VDI
[-] *Key deleted: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\isMiner
[#] *Key deleted on reboot: HKU\S-1-5-18\Software\xvtrzx
[#] *Key deleted on reboot: HKCU\Software\DriverToolkit
[#] *Key deleted on reboot: HKCU\Software\Installer
[#] *Key deleted on reboot: HKCU\Software\PC
[#] *Key deleted on reboot: HKCU\Software\Amigo
[#] *Key deleted on reboot: HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[#] *Key deleted on reboot: HKCU\Software\Event Monitor
[#] *Key deleted on reboot: HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[#] *Key deleted on reboot: HKCU\Software\VDI
[#] *Key deleted on reboot: HKCU\Software\isMiner
[-] *Key deleted: HKLM\SOFTWARE\PC
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: HKLM\SOFTWARE\Event Monitor
[-] *Key deleted: HKLM\SOFTWARE\ScreenShot
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: HKLM\SOFTWARE\Microleaves
[-] *Key deleted: HKLM\SOFTWARE\Auslogics
[-] *Key deleted: HKLM\SOFTWARE\xvtrzx
[#] *Key deleted on reboot: [x64] HKCU\Software\DriverToolkit
[#] *Key deleted on reboot: [x64] HKCU\Software\Installer
[#] *Key deleted on reboot: [x64] HKCU\Software\PC
[#] *Key deleted on reboot: [x64] HKCU\Software\Amigo
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[#] *Key deleted on reboot: [x64] HKCU\Software\Event Monitor
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[#] *Key deleted on reboot: [x64] HKCU\Software\VDI
[#] *Key deleted on reboot: [x64] HKCU\Software\isMiner
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] *Key deleted: [x64] HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] *Key deleted: [x64] HKLM\SOFTWARE\xvtrzx
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
[#] *Key deleted on reboot: HKLM\SOFTWARE\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]
[-] *Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] *Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ *Browsers ] *****

[-] *Firefox preferences cleaned: "browser.search.defaultenginename" - "initialsite123"
[-] *Firefox preferences cleaned: "browser.search.searchengine.hp" - "hxxp://www.initialsite123.com/?z=30971dc954d96 ... 55&type=hp"
[-] *Firefox preferences cleaned: "browser.search.searchengine.sp" - "hxxp://www.initialsite123.com/search/?from=wsy ... 6g7z2m3cft"
[-] *Firefox preferences cleaned: "browser.search.searchengine.url" - "hxxp://www.initialsite123.com/search/?from=wsy ... 6g7z2m3cft"
[-] *Firefox preferences cleaned: "browser.search.selectedEngine" - "initialsite123"


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7904 *Bytes] - [18/05/2017 09:46:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [7559 *Bytes] - [18/05/2017 09:44:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8052 *Bytes] ##########

Re: malware

Napsal: 19 kvě 2017 10:04
od altrok
:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud budete mit problemy se stazenim FRSTLauncheru, staci kdyz pouzijete samotny FRST.exe/FRST64.exe.

Re: malware

Napsal: 22 kvě 2017 13:34
od Mato1357
Odosielam

Re: malware

Napsal: 22 kvě 2017 13:57
od altrok
  • Znovu spustte FRST.exe/FRST64.exe
  • stisknete Ctrl + y (obe klavesy zaroven)
  • otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
  • stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
  • kliknete na tlacitko Fix
  • po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {035dde46-a0fd-11e6-8300-7429af9347ea} - "G:\Setup.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {035dde66-a0fd-11e6-8300-7429af9347ea} - "G:\Setup.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {0f3d5ee8-2b1d-11e7-831a-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {39915a8f-d81b-11e6-8311-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {5c87fae5-d2ab-11e6-8311-7429af9347ea} - "H:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {ad90c208-9d0f-11e6-82fc-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {c49e51e1-79ff-11e6-808c-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {cf1ffbc4-ef70-11e6-8314-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e0f2973c-e85b-11e6-8313-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e5de847a-f831-11e6-8317-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e5de871b-f831-11e6-8317-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {e7b47d0a-5251-11e6-82ed-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {f821ce27-c203-11e6-830d-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {f821ce69-c203-11e6-830d-7429af9347ea} - "G:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\MountPoints2: {fd6f1d5f-766b-11e6-808c-7429af9347ea} - "G:\Lenovo_Suite.exe" 
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
File: C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-05-16]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
Handler: WSWSVCUchrome - No CLSID Value
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
Edge HomeButtonPage: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002 -> hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
FF Homepage: Mozilla\Firefox\Profiles\w0e025dq.default -> hxxp://www.ourluckysites.com/?type=hp&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
FF Extension: (No Name) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi\ [not found]
C:\ProgramData\Wondershare\Video Converter Ultimate
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\w0e025dq.default\searchplugins\ourluckysites.xml [2017-05-22]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Firefox\Firefox\Profiles\w0e025dq.default [2017-05-20]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
CHR HomePage: ChromeDefaultData2 -> hxxp://www.initialsite123.com/?z=30971dc954d963075a3b4cbg3zdtfw2e6g7z2m3cft&from=wsy2&uid=KINGSTONXSV300S37A240G_50026B7259022355&type=hp
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.initialsite123.com/?z=30971dc954d963075a3b4cbg3zdtfw2e6g7z2m3cft&from=wsy2&uid=KINGSTONXSV300S37A240G_50026B7259022355&type=hp" 
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData2 -> ourluckysites
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-05-22] <==== ATTENTION
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Baglook\Application\chrome.exe (Google Inc.) <==== ATTENTION
StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
R2 BIT; C:\ProgramData\BIT\BIT.dll [1858560 2017-05-22] (win helper) [File not signed] <==== ATTENTION
S2 CSHMDR; C:\Users\Martin\AppData\Local\CSHMDR\Snare.dll [900096 2017-05-22] (IntertSect Alliance Pty Ltd) [File not signed] <==== ATTENTION
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [98456 2017-05-19] () <==== ATTENTION
File: C:\ProgramData\Microsoft\Windows\system\appidsvr.dll
DisableService: swpsvr
R2 WinSAPSvc; C:\Users\Martin\AppData\Roaming\WinSAPSvc\WinSAP.dll [1900544 2017-05-22] (TODO:  <公司名>) [File not signed] <==== ATTENTION
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
2017-05-19 12:11 - 2017-05-19 12:11 - 00000000 ____D C:\Users\Martin\AppData\Local\Firefox
2017-05-19 12:11 - 2017-05-19 12:11 - 00000000 ____D C:\Users\Martin\AppData\Local\Baglook
2017-05-19 12:11 - 2017-05-19 12:11 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-05-19 12:11 - 2017-05-19 12:11 - 00000000 ____D C:\Program Files (x86)\Baglook
2017-05-18 14:49 - 2017-05-22 10:30 - 00000000 ____D C:\Users\Martin\AppData\Roaming\WinSAPSvc
2017-05-18 14:49 - 2017-05-22 10:30 - 00000000 ____D C:\Users\Martin\AppData\Local\CSHMDR
2017-05-18 14:49 - 2017-05-18 14:49 - 00000000 ____D C:\ProgramData\BIT
2017-05-18 14:47 - 2017-05-18 14:47 - 00000000 ____D C:\Reimward
2017-05-17 11:52 - 2017-05-18 14:47 - 00000000 ____D C:\Program Files (x86)\Reerdly
2017-05-17 11:52 - 2017-05-17 12:16 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Ankeward
2017-05-17 11:52 - 2017-05-17 11:52 - 00000000 ____D C:\Users\Martin\AppData\Local\Kupezoperty
2017-05-17 11:52 - 2017-05-17 11:52 - 00000000 ____D C:\Program Files (x86)\Bijile Verfier
2017-05-17 11:51 - 2017-05-17 12:15 - 00000000 ____D C:\Program Files (x86)\YoutubeAdBlockIE
2017-05-17 11:51 - 2017-05-17 11:51 - 00000000 ____D C:\Program Files (x86)\YoutubeAdBlockUn
Folder: C:\Program Files (x86)\MIO
File: C:\WINDOWS\SysWOW64\yv12vfw.dll
2017-05-16 10:47 - 2017-05-16 12:12 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Bumudom
2017-05-16 10:47 - 2017-05-16 10:48 - 00000000 ____D C:\Users\Martin\AppData\Local\Shovusgrootain
File: C:\WINDOWS\Manager.exe
2017-05-16 10:47 - 2017-05-16 10:47 - 00078848 _____ C:\WINDOWS\Manager.exe
2017-05-16 10:46 - 2017-05-16 11:47 - 00000000 ____D C:\Program Files (x86)\Grutuphkevi
2017-05-16 10:13 - 2017-05-16 10:13 - 00005107 _____ C:\ProgramData\mudtcpaz.vzs
2017-05-16 10:13 - 2017-05-16 10:13 - 00000016 _____ C:\ProgramData\mntemp
2017-05-16 10:13 - 2017-05-16 10:13 - 00000000 ____D C:\ProgramData\Movavi Video Converter 17
2017-05-16 10:13 - 2017-05-16 10:13 - 00000000 ____D C:\ProgramData\Movavi
Folder: C:\Users\Martin\AppData\Roaming\Kodi
2017-05-16 11:47 - 2017-05-16 11:47 - 0011568 _____ () C:\Users\Martin\AppData\Local\InstallationConfiguration.xml
2017-05-16 11:47 - 2017-05-16 11:47 - 0140800 _____ () C:\Users\Martin\AppData\Local\installer.dat
2017-05-16 10:13 - 2017-05-16 10:13 - 0000016 _____ () C:\ProgramData\mntemp
2017-05-16 10:13 - 2017-05-16 10:13 - 0005107 _____ () C:\ProgramData\mudtcpaz.vzs
HKU\S-1-5-21-3264591501-1418884257-1146474618-1002\...\ChromeHTML: -> C:\Program Files (x86)\Baglook\Application\chrome.exe (Google Inc.) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3264591501-1418884257-1146474618-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll => No File
Task: {18570BFE-F2C2-43E0-B140-32425E162BA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1BC98D59-BD60-450E-994A-E53E359C2498} - System32\Tasks\Microsoft\Windows\DeviceSettings\Ckudock => msiexec.exe /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mmtsk/occup.php?p=KINGSTONXSV300S37A240G_50026B7259022355&d=20170516 /q <==== ATTENTION
Task: {1DE7AC7F-B830-42B9-A1BC-9D6952BB13EC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {35191A78-D719-4FD4-8A34-CF73DE9C3AD4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4FA0192D-1CFA-426E-9263-652E982E0BF2} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-06] () <==== ATTENTION
2017-05-16 11:49 - 2017-05-16 11:49 - 00000000 ____D C:\Program Files (x86)\MIO
Task: {61B76B8E-D403-440C-A0DE-4936B0CC82B5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {889CCD7D-07BC-479E-9A55-8020157FDC7A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AED05504-8745-48B2-8991-D514097D5E18} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C2ED715A-7CEA-41F9-8898-B4A10F3EC61F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C45159AB-EB55-456B-A403-B6F5EA6ABF4D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E6DA053A-37A2-4031-AEDD-D82C3264BF59} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3264591501-1418884257-1146474618-1002 -> No File <==== ATTENTION
Task: {F118D663-0E15-4D9A-B78C-423B6C9031F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F5F42FB7-6936-4632-9C0B-2663006C989E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {FF63015E-D387-4BA8-8CAC-B980E802EA95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Shortcut: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Baglook\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Baglook\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Baglook\Application\chrome.exe (Google Inc.)
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1495441830&z=86df63824d836f0d5bc0689g9z8t8w9z1zegcb8ceg&from=che0812&uid=KINGSTONXSV300S37A240G_50026B7259022355
File: C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:174CD35A [111]
FirewallRules: [{FF119FC9-3593-41E1-93B0-47220294B7D6}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{D3F6B014-7B20-431A-9620-E0AB58488270}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{FE172094-7EE8-45E3-9B54-7451A9C9309D}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{0F2D8633-A207-4C93-B4B0-EB993A734228}] => (Allow) C:\Program Files (x86)\MIO\loader\kingstonxsv300s37a240g_50026b7259022355.dat
FirewallRules: [{768586BD-6E89-41DE-8EE3-F0C5D0B10E54}] => (Allow) C:\Program Files (x86)\MIO\loader\kingstonxsv300s37a240g_50026b7259022355.dat
FirewallRules: [{5006CA54-62F0-486B-BD0B-8320B47F7BB4}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{DD35C016-C691-4640-A13C-E074A1323202}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{A14CE617-7DB0-4FC7-AB80-5F0F4A24054C}] => (Allow) C:\Program Files (x86)\Baglook\Application\chrome.exe
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End

Re: malware

Napsal: 22 kvě 2017 15:02
od Mato1357
Posielam, dakujem.

Re: malware

Napsal: 22 kvě 2017 15:11
od altrok
Pouzijte znovu AdwCleaner - od jeho posledniho pouziti doslo k dalsimu infikovani Vaseho PC.

Re: malware

Napsal: 25 kvě 2017 14:25
od Mato1357
Dakujem posielam>
# AdwCleaner v6.047 - *Logfile created 25/05/2017 *at 15:17:44
# *Updated on 19/05/2017 by Malwarebytes
# *Database : 2017-05-23.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Martin - MATOWORK1
# *Running from : C:\Users\Martin\Desktop\adwcleaner_6.047.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Martin\AppData\Roaming\Firefox
[-] *Folder deleted: C:\Users\Martin\AppData\Local\Firefox


***** [ *Files ] *****

[-] *File deleted: C:\Users\Public\Documents\temp.dat
[-] *File deleted: C:\Users\Public\Documents\report.dat


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CSHMDR
[#] *Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\CSHMDR
[-] *Key deleted: HKLM\SOFTWARE\ScreenShot
[-] *Key deleted: HKLM\SOFTWARE\ourluckysitesSoftware
[-] *Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] *Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [BIT]


***** [ *Browsers ] *****



*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [8196 *Bytes] - [18/05/2017 09:46:22]
C:\AdwCleaner\AdwCleaner[C2].txt - [1589 *Bytes] - [25/05/2017 15:17:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [7559 *Bytes] - [18/05/2017 09:44:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [1904 *Bytes] - [25/05/2017 15:07:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1811 *Bytes] ##########

Re: malware

Napsal: 25 kvě 2017 18:23
od altrok
:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz