VIRY.CZ

Dobrý den, prosím o kontrolu logu. Zdá se mi, že mám spomalený internet (Firefox). Provedl jsem scan přes Malwarebytes a nenalezlo to žádné hrozby.


FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by mamka (administrator) on LAPTOP-T71UOKM3 (19-02-2018 15:14:45)
Running from C:\Users\mamka\Desktop
Loaded Profiles: mamka (Available Profiles: mamka)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SweetLabs, Inc) C:\Users\mamka\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718720 2010-12-21] (Microsoft Corporation)
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.1.1
Tcpip\..\Interfaces\{22f10b18-cca7-4290-a9d8-68c657793934}: [DhcpNameServer] 10.0.0.1 10.0.1.1

Internet Explorer:
==================
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: enyhamoj.default
FF ProfilePath: C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\enyhamoj.default [2018-02-19]
FF Homepage: Mozilla\Firefox\Profiles\enyhamoj.default -> seznam.cz
FF Extension: (Adblock Plus) - C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\enyhamoj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default [2017-10-07]
CHR Extension: (Prezentace Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-06]
CHR Extension: (Dokumenty Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-06]
CHR Extension: (Disk Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-06]
CHR Extension: (YouTube) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Tabulky Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Gmail) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] ()
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (Lenovo)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-12-17] (Macrovision Europe Ltd.) [File not signed]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-08-07] (Lenovo)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-05-16] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-21] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2015-10-16] (Windows (R) Codename Longhorn DDK provider)
R1 MpKsldaaf0983; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3391A5C-BCAF-42BF-AE11-AE840906679C}\MpKsldaaf0983.sys [58120 2018-02-18] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6813664 2017-05-19] (Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-21] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-21] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-21] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-19 15:17 - 2018-02-19 15:17 - 067716016 _____ (Malwarebytes ) C:\Users\mamka\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3992.exe.part
2018-02-19 15:17 - 2018-02-19 15:17 - 000000000 _____ C:\Users\mamka\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3992.exe
2018-02-19 15:14 - 2018-02-19 15:16 - 000013204 _____ C:\Users\mamka\Desktop\FRST.txt
2018-02-19 15:14 - 2018-02-19 15:14 - 000000000 ____D C:\FRST
2018-02-19 15:13 - 2018-02-19 15:13 - 002403840 _____ (Farbar) C:\Users\mamka\Desktop\FRST64.exe
2018-02-16 15:42 - 2018-02-16 15:42 - 000136315 _____ C:\Users\mamka\Desktop\Odpočinková Severní Morava v populárním hotelu u zámku Hradec nad Moravicí s wellness neomezeně, masáží a polopenzí - Slevoteka.cz.html
2018-02-16 15:42 - 2018-02-16 15:42 - 000000000 ____D C:\Users\mamka\Desktop\Odpočinková Severní Morava v populárním hotelu u zámku Hradec nad Moravicí s wellness neomezeně, masáží a polopenzí - Slevoteka.cz_soubory
2018-02-16 14:07 - 2018-02-16 14:07 - 000349735 _____ C:\Users\mamka\Desktop\Romantický pobyt s neomezeným wellness a masáží Slevomat.cz.html
2018-02-16 14:07 - 2018-02-16 14:07 - 000000000 ____D C:\Users\mamka\Desktop\Romantický pobyt s neomezeným wellness a masáží Slevomat.cz_soubory
2018-02-07 13:19 - 2018-02-07 13:19 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-07 13:19 - 2018-02-07 13:19 - 000002214 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-02-07 13:19 - 2018-02-07 13:19 - 000000000 ____D C:\Program Files\Google
2018-02-05 06:57 - 2018-02-18 12:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-05 06:57 - 2018-02-06 03:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 06:57 - 2018-02-06 03:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-31 16:04 - 2018-01-31 16:04 - 000093839 _____ C:\Users\mamka\Desktop\zrcadleni.php
2018-01-28 13:34 - 2018-01-28 13:34 - 000365258 _____ C:\Users\mamka\Desktop\Wellness pobyt v Trenčianských Teplicích _ Slevomat.cz.html
2018-01-28 13:34 - 2018-01-28 13:34 - 000000000 ____D C:\Users\mamka\Desktop\Wellness pobyt v Trenčianských Teplicích _ Slevomat.cz_soubory

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-19 14:49 - 2016-12-26 09:20 - 000704037 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-02-19 14:47 - 2016-12-17 12:41 - 000000000 ____D C:\Users\mamka\AppData\Roaming\Skype
2018-02-19 14:46 - 2016-11-19 09:30 - 000000000 ____D C:\Users\mamka\AppData\Local\Host App Service
2018-02-19 14:44 - 2016-12-17 12:48 - 000000000 ____D C:\Users\mamka\AppData\LocalLow\Mozilla
2018-02-19 14:43 - 2017-07-20 16:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-19 14:43 - 2016-11-19 09:31 - 000000000 __SHD C:\Users\mamka\IntelGraphicsProfiles
2018-02-18 20:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-18 13:16 - 2017-12-24 21:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-18 10:56 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-18 10:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-14 20:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-14 19:38 - 2017-01-16 20:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 19:34 - 2017-10-11 13:58 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 19:34 - 2017-01-16 20:15 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-13 21:40 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-13 21:07 - 2017-12-24 22:15 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-147898541-2157023476-1376344096-1001
2018-02-13 21:07 - 2017-01-28 09:44 - 000002394 _____ C:\Users\mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-13 21:07 - 2016-11-19 09:35 - 000000000 ___RD C:\Users\mamka\OneDrive
2018-02-12 16:29 - 2016-12-17 12:43 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-12 16:29 - 2016-12-17 12:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-12 16:28 - 2016-12-17 12:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-06 11:33 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-06 11:32 - 2017-08-06 14:31 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-05 07:03 - 2017-12-24 22:12 - 001843520 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-05 07:03 - 2017-09-30 15:31 - 000786218 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-05 07:03 - 2017-09-30 15:31 - 000161160 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-05 06:58 - 2017-12-24 22:17 - 000000000 ___RD C:\Users\mamka\3D Objects
2018-02-05 06:58 - 2016-11-21 05:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-05 06:56 - 2017-12-24 22:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-05 06:56 - 2017-12-24 21:54 - 000248184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-05 06:55 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-05 06:54 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-05 06:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-05 06:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-05 06:53 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-24 19:25 - 2016-12-26 09:18 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2016-11-19 09:31 - 2018-02-19 14:44 - 002627291 _____ () C:\Users\mamka\AppData\Local\BTServer.log

Some files in TEMP:
====================
2018-02-14 19:38 - 2018-02-14 19:38 - 021730672 _____ (SweetLabs,Inc.) C:\Users\mamka\AppData\Local\Temp\octF7D0.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-18 12:26

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.8.0 - Logfile created on Mon Feb 19 15:49:30 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Host App Service
Deleted: C:\Users\All Users\Host App Service
Deleted: C:\Users\Default\AppData\Local\Host App Service
Deleted: C:\Users\Default User\AppData\Local\Host App Service
Deleted: C:\Users\mamka\AppData\Local\Host App Service


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: App Explorer


***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Host App Service
Deleted: [Key] - HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted: [Key] - HKCU\Software\Host App Service
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1574 B] - [2018/2/19 15:48:37]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by mamka (administrator) on LAPTOP-T71UOKM3 (19-02-2018 17:36:46)
Running from C:\Users\mamka\Desktop
Loaded Profiles: mamka (Available Profiles: mamka)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718720 2010-12-21] (Microsoft Corporation)
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.1.1
Tcpip\..\Interfaces\{22f10b18-cca7-4290-a9d8-68c657793934}: [DhcpNameServer] 10.0.0.1 10.0.1.1

Internet Explorer:
==================
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: enyhamoj.default
FF ProfilePath: C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\enyhamoj.default [2018-02-19]
FF Homepage: Mozilla\Firefox\Profiles\enyhamoj.default -> seznam.cz
FF Extension: (Adblock Plus) - C:\Users\mamka\AppData\Roaming\Mozilla\Firefox\Profiles\enyhamoj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-12]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default [2018-02-19]
CHR Extension: (Prezentace Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-06]
CHR Extension: (Dokumenty Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-06]
CHR Extension: (Disk Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-06]
CHR Extension: (YouTube) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Tabulky Google) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-07]
CHR Extension: (Gmail) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-07]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] ()
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (Lenovo)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-12-17] (Macrovision Europe Ltd.) [File not signed]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-08-07] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [267328 2017-05-16] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-21] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2015-10-16] (Windows (R) Codename Longhorn DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-02-19] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-02-19] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-02-19] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-19] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-02-19] (Malwarebytes)
R1 MpKsld1e2e3f0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CAFBA33-49B3-4402-B4F0-91E7A600197A}\MpKsld1e2e3f0.sys [58120 2018-02-19] (Microsoft Corporation)
R1 MpKsldaaf0983; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3391A5C-BCAF-42BF-AE11-AE840906679C}\MpKsldaaf0983.sys [58120 2018-02-18] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6813664 2017-05-19] (Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-21] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-21] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-21] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-19 17:36 - 2018-02-19 17:37 - 000013816 _____ C:\Users\mamka\Desktop\FRST.txt
2018-02-19 16:53 - 2018-02-19 17:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-19 16:46 - 2018-02-19 16:49 - 000000000 ____D C:\AdwCleaner
2018-02-19 16:45 - 2018-02-19 16:45 - 008222496 _____ (Malwarebytes) C:\Users\mamka\Desktop\adwcleaner_7.0.8.0.exe
2018-02-19 15:23 - 2018-02-19 16:53 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-02-19 15:23 - 2018-02-19 16:53 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-02-19 15:23 - 2018-02-19 16:53 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-02-19 15:23 - 2018-02-19 15:23 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-02-19 15:22 - 2018-02-19 16:53 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-02-19 15:22 - 2018-02-19 15:22 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-19 15:22 - 2018-02-19 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-19 15:22 - 2018-02-19 15:22 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-19 15:22 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-02-19 15:20 - 2018-02-19 15:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-19 15:20 - 2018-02-19 15:22 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2018-02-19 15:17 - 2018-02-19 15:19 - 000033123 _____ C:\Users\mamka\Desktop\Addition.txt
2018-02-19 15:14 - 2018-02-19 17:36 - 000000000 ____D C:\FRST
2018-02-19 15:13 - 2018-02-19 15:13 - 002403840 _____ (Farbar) C:\Users\mamka\Desktop\FRST64.exe
2018-02-16 15:42 - 2018-02-16 15:42 - 000136315 _____ C:\Users\mamka\Desktop\Odpočinková Severní Morava v populárním hotelu u zámku Hradec nad Moravicí s wellness neomezeně, masáží a polopenzí - Slevoteka.cz.html
2018-02-16 15:42 - 2018-02-16 15:42 - 000000000 ____D C:\Users\mamka\Desktop\Odpočinková Severní Morava v populárním hotelu u zámku Hradec nad Moravicí s wellness neomezeně, masáží a polopenzí - Slevoteka.cz_soubory
2018-02-16 14:07 - 2018-02-16 14:07 - 000349735 _____ C:\Users\mamka\Desktop\Romantický pobyt s neomezeným wellness a masáží Slevomat.cz.html
2018-02-16 14:07 - 2018-02-16 14:07 - 000000000 ____D C:\Users\mamka\Desktop\Romantický pobyt s neomezeným wellness a masáží Slevomat.cz_soubory
2018-02-13 21:27 - 2018-02-10 07:20 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-13 21:27 - 2018-02-10 07:20 - 001055640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-13 21:27 - 2018-02-10 07:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-13 21:27 - 2018-02-10 07:20 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-13 21:27 - 2018-02-10 07:16 - 008603032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 21:27 - 2018-02-10 07:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-13 21:27 - 2018-02-10 07:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-13 21:27 - 2018-02-10 07:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-13 21:27 - 2018-02-10 07:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-13 21:27 - 2018-02-10 07:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-13 21:27 - 2018-02-10 07:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-13 21:27 - 2018-02-10 07:12 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-13 21:27 - 2018-02-10 07:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-13 21:27 - 2018-02-10 07:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-13 21:27 - 2018-02-10 07:08 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-13 21:27 - 2018-02-10 07:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-13 21:27 - 2018-02-10 07:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-13 21:27 - 2018-02-10 07:07 - 002710728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-13 21:27 - 2018-02-10 07:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-13 21:27 - 2018-02-10 07:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-13 21:27 - 2018-02-10 07:06 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-13 21:27 - 2018-02-10 07:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-13 21:27 - 2018-02-10 07:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-13 21:27 - 2018-02-10 07:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-13 21:27 - 2018-02-10 07:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-13 21:27 - 2018-02-10 07:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-13 21:27 - 2018-02-10 07:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-13 21:27 - 2018-02-10 07:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-13 21:27 - 2018-02-10 07:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-13 21:27 - 2018-02-10 07:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-13 21:27 - 2018-02-10 07:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-13 21:27 - 2018-02-10 06:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-13 21:27 - 2018-02-10 06:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-13 21:27 - 2018-02-10 06:08 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-13 21:27 - 2018-02-10 06:07 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-13 21:27 - 2018-02-10 06:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-13 21:27 - 2018-02-10 06:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-13 21:27 - 2018-02-10 06:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-13 21:27 - 2018-02-10 06:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-13 21:27 - 2018-02-10 06:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-13 21:27 - 2018-02-10 06:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-13 21:27 - 2018-02-10 06:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-13 21:27 - 2018-02-10 05:50 - 003665408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-13 21:27 - 2018-02-10 05:49 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-13 21:27 - 2018-02-10 05:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-13 21:27 - 2018-02-10 05:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-13 21:27 - 2018-02-10 05:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-13 21:27 - 2018-02-10 05:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-13 21:27 - 2018-02-10 05:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-13 21:27 - 2018-02-10 05:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-13 21:27 - 2018-02-10 05:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-13 21:27 - 2018-02-10 05:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-13 21:27 - 2018-02-10 05:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-13 21:27 - 2018-02-10 05:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-13 21:27 - 2018-02-10 05:45 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-13 21:27 - 2018-02-10 05:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-13 21:27 - 2018-02-10 05:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-13 21:27 - 2018-02-10 05:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-13 21:27 - 2018-02-10 05:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-13 21:27 - 2018-02-10 05:44 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-13 21:27 - 2018-02-10 05:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-13 21:27 - 2018-02-10 05:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-13 21:27 - 2018-02-10 05:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 008020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-13 21:27 - 2018-02-10 05:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-13 21:27 - 2018-02-10 05:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-02-13 21:27 - 2018-02-10 05:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-13 21:27 - 2018-02-10 05:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-13 21:27 - 2018-02-10 05:41 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-13 21:27 - 2018-02-10 05:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-13 21:27 - 2018-02-10 05:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-13 21:27 - 2018-02-10 05:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-13 21:27 - 2018-02-10 05:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-13 21:27 - 2018-02-10 05:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-13 21:27 - 2018-02-10 05:40 - 012831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-13 21:27 - 2018-02-10 05:40 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-13 21:27 - 2018-02-10 05:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-13 21:27 - 2018-02-10 05:40 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-13 21:27 - 2018-02-10 05:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-13 21:27 - 2018-02-10 05:39 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-13 21:27 - 2018-02-10 05:39 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-13 21:27 - 2018-02-10 05:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 006567936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-13 21:27 - 2018-02-10 05:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-13 21:27 - 2018-02-10 05:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-13 21:27 - 2018-02-10 05:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 003678720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-13 21:27 - 2018-02-10 05:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-13 21:27 - 2018-02-10 05:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-13 21:27 - 2018-02-10 05:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-13 21:27 - 2018-02-10 05:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-13 21:27 - 2018-02-10 05:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-13 21:27 - 2018-02-10 05:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-13 21:27 - 2018-02-10 05:35 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-13 21:27 - 2018-02-10 05:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-13 21:27 - 2018-02-10 05:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-13 21:27 - 2018-02-10 05:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-13 21:26 - 2018-02-10 07:24 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-13 21:26 - 2018-02-10 07:23 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-13 21:26 - 2018-02-10 07:23 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-13 21:26 - 2018-02-10 07:23 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-13 21:26 - 2018-02-10 07:23 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 21:26 - 2018-02-10 07:22 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-13 21:26 - 2018-02-10 07:22 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-13 21:26 - 2018-02-10 07:22 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-13 21:26 - 2018-02-10 07:22 - 000387480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-13 21:26 - 2018-02-10 07:22 - 000272800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-13 21:26 - 2018-02-10 07:22 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-13 21:26 - 2018-02-10 07:21 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-13 21:26 - 2018-02-10 07:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-13 21:26 - 2018-02-10 07:20 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-13 21:26 - 2018-02-10 07:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-13 21:26 - 2018-02-10 07:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-13 21:26 - 2018-02-10 07:17 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-13 21:26 - 2018-02-10 07:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-13 21:26 - 2018-02-10 07:15 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-02-13 21:26 - 2018-02-10 07:15 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-13 21:26 - 2018-02-10 07:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-13 21:26 - 2018-02-10 07:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-13 21:26 - 2018-02-10 07:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-13 21:26 - 2018-02-10 07:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-13 21:26 - 2018-02-10 07:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-13 21:26 - 2018-02-10 07:11 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-13 21:26 - 2018-02-10 07:11 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-13 21:26 - 2018-02-10 07:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-13 21:26 - 2018-02-10 07:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-13 21:26 - 2018-02-10 07:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-13 21:26 - 2018-02-10 07:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-13 21:26 - 2018-02-10 07:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-13 21:26 - 2018-02-10 07:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-13 21:26 - 2018-02-10 07:08 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-13 21:26 - 2018-02-10 07:08 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-13 21:26 - 2018-02-10 07:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-13 21:26 - 2018-02-10 07:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-13 21:26 - 2018-02-10 07:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-13 21:26 - 2018-02-10 07:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-13 21:26 - 2018-02-10 07:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-13 21:26 - 2018-02-10 07:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-02-13 21:26 - 2018-02-10 07:06 - 000519144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-13 21:26 - 2018-02-10 07:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-13 21:26 - 2018-02-10 07:04 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-13 21:26 - 2018-02-10 07:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-13 21:26 - 2018-02-10 07:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-13 21:26 - 2018-02-10 07:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-13 21:26 - 2018-02-10 07:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-13 21:26 - 2018-02-10 07:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-13 21:26 - 2018-02-10 07:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-13 21:26 - 2018-02-10 07:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-13 21:26 - 2018-02-10 06:22 - 001930224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-02-13 21:26 - 2018-02-10 06:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-02-13 21:26 - 2018-02-10 06:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-13 21:26 - 2018-02-10 06:17 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-13 21:26 - 2018-02-10 06:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-13 21:26 - 2018-02-10 06:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-13 21:26 - 2018-02-10 06:09 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-13 21:26 - 2018-02-10 06:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-13 21:26 - 2018-02-10 06:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-13 21:26 - 2018-02-10 06:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-13 21:26 - 2018-02-10 06:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-13 21:26 - 2018-02-10 06:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-13 21:26 - 2018-02-10 06:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-13 21:26 - 2018-02-10 06:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-13 21:26 - 2018-02-10 06:07 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-13 21:26 - 2018-02-10 06:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-13 21:26 - 2018-02-10 06:06 - 006481640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-13 21:26 - 2018-02-10 06:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-13 21:26 - 2018-02-10 06:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-02-13 21:26 - 2018-02-10 06:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-13 21:26 - 2018-02-10 05:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-13 21:26 - 2018-02-10 05:50 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-13 21:26 - 2018-02-10 05:49 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-13 21:26 - 2018-02-10 05:49 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-13 21:26 - 2018-02-10 05:49 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-13 21:26 - 2018-02-10 05:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-13 21:26 - 2018-02-10 05:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-13 21:26 - 2018-02-10 05:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-13 21:26 - 2018-02-10 05:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-13 21:26 - 2018-02-10 05:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-13 21:26 - 2018-02-10 05:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-13 21:26 - 2018-02-10 05:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-13 21:26 - 2018-02-10 05:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-13 21:26 - 2018-02-10 05:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-13 21:26 - 2018-02-10 05:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-13 21:26 - 2018-02-10 05:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-13 21:26 - 2018-02-10 05:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 21:26 - 2018-02-10 05:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-13 21:26 - 2018-02-10 05:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-13 21:26 - 2018-02-10 05:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-13 21:26 - 2018-02-10 05:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-13 21:26 - 2018-02-10 05:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-13 21:26 - 2018-02-10 05:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-13 21:26 - 2018-02-10 05:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-13 21:26 - 2018-02-10 05:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-13 21:26 - 2018-02-10 05:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-13 21:26 - 2018-02-10 05:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-13 21:26 - 2018-02-10 05:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-13 21:26 - 2018-02-10 05:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-13 21:26 - 2018-02-10 05:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-13 21:26 - 2018-02-10 05:36 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-13 21:26 - 2018-02-10 05:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-13 21:26 - 2018-02-10 05:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-13 21:26 - 2018-02-10 05:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-13 21:26 - 2018-02-10 05:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-13 21:26 - 2018-02-10 05:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-13 21:26 - 2018-02-10 05:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-13 21:26 - 2018-02-10 05:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-13 21:26 - 2018-02-10 05:32 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-02-13 21:26 - 2018-02-10 05:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-13 21:26 - 2018-02-10 03:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-02-13 21:26 - 2018-02-10 03:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-02-13 21:26 - 2018-02-09 04:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-13 21:26 - 2018-02-09 04:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-13 21:26 - 2018-02-09 04:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-13 21:26 - 2018-02-02 04:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-13 21:25 - 2018-02-10 07:22 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-13 21:25 - 2018-02-10 07:21 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-13 21:25 - 2018-02-10 07:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-13 21:25 - 2018-02-10 07:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-02-13 21:25 - 2018-02-10 07:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-13 21:25 - 2018-02-10 07:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-13 21:25 - 2018-02-10 07:13 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-02-13 21:25 - 2018-02-10 07:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-13 21:25 - 2018-02-10 07:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-13 21:25 - 2018-02-10 07:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-13 21:25 - 2018-02-10 07:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-02-13 21:25 - 2018-02-10 07:09 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-13 21:25 - 2018-02-10 07:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-13 21:25 - 2018-02-10 07:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-13 21:25 - 2018-02-10 07:06 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-13 21:25 - 2018-02-10 07:06 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-13 21:25 - 2018-02-10 07:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-13 21:25 - 2018-02-10 07:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-13 21:25 - 2018-02-10 07:05 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-13 21:25 - 2018-02-10 07:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-13 21:25 - 2018-02-10 07:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-13 21:25 - 2018-02-10 07:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-13 21:25 - 2018-02-10 07:04 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-13 21:25 - 2018-02-10 07:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-13 21:25 - 2018-02-10 07:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-13 21:25 - 2018-02-10 07:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-13 21:25 - 2018-02-10 06:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-13 21:25 - 2018-02-10 06:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-13 21:25 - 2018-02-10 06:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-13 21:25 - 2018-02-10 06:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-13 21:25 - 2018-02-10 06:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-02-13 21:25 - 2018-02-10 06:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-02-13 21:25 - 2018-02-10 06:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-02-13 21:25 - 2018-02-10 06:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-02-13 21:25 - 2018-02-10 06:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-13 21:25 - 2018-02-10 06:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-13 21:25 - 2018-02-10 05:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-13 21:25 - 2018-02-10 05:50 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-13 21:25 - 2018-02-10 05:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-13 21:25 - 2018-02-10 05:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-13 21:25 - 2018-02-10 05:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-02-13 21:25 - 2018-02-10 05:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-02-13 21:25 - 2018-02-10 05:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-13 21:25 - 2018-02-10 05:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-02-13 21:25 - 2018-02-10 05:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-02-13 21:25 - 2018-02-10 05:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-13 21:25 - 2018-02-10 05:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-13 21:25 - 2018-02-10 05:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-13 21:25 - 2018-02-10 05:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-13 21:25 - 2018-02-10 05:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-13 21:25 - 2018-02-10 05:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-02-13 21:25 - 2018-02-10 05:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-13 21:25 - 2018-02-10 05:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-13 21:25 - 2018-02-10 05:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-13 21:25 - 2018-02-10 05:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-13 21:25 - 2018-02-10 05:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-13 21:25 - 2018-02-10 05:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-02-13 21:25 - 2018-02-10 05:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-13 21:25 - 2018-02-10 05:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-13 21:25 - 2018-02-10 05:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-13 21:25 - 2018-02-10 05:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-13 21:25 - 2018-02-10 05:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-13 21:25 - 2018-02-10 05:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-13 21:25 - 2018-02-10 05:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-02-13 21:25 - 2018-02-10 05:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-13 21:25 - 2018-02-10 05:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-02-13 21:25 - 2018-02-10 05:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-13 21:25 - 2018-02-10 05:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-13 21:25 - 2018-02-10 05:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-13 21:25 - 2018-02-10 05:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-13 21:25 - 2018-02-10 05:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-13 21:25 - 2018-02-10 05:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-13 21:25 - 2018-02-10 05:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-13 21:25 - 2018-02-10 05:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-13 21:25 - 2018-02-10 05:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-13 21:25 - 2018-02-10 05:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-13 21:25 - 2018-02-10 05:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-13 21:25 - 2018-02-10 05:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-13 21:25 - 2018-02-10 05:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-13 21:25 - 2018-02-10 05:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-13 21:25 - 2018-02-10 05:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-13 21:25 - 2018-02-10 05:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-02-13 21:25 - 2018-02-10 05:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-13 21:25 - 2018-02-10 05:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-13 21:25 - 2018-02-10 05:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-02-13 21:25 - 2018-02-10 05:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-13 21:25 - 2018-02-10 05:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-13 21:25 - 2018-02-10 05:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-13 21:25 - 2018-02-10 05:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-02-13 21:25 - 2018-02-10 05:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-02-13 21:25 - 2018-02-09 04:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-13 21:25 - 2018-02-09 04:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-13 21:25 - 2018-02-02 04:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-13 21:25 - 2018-02-02 04:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-13 21:25 - 2018-02-02 04:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-13 21:25 - 2018-02-02 04:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-07 13:19 - 2018-02-07 13:19 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2018-02-07 13:19 - 2018-02-07 13:19 - 000002214 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2018-02-07 13:19 - 2018-02-07 13:19 - 000000000 ____D C:\Program Files\Google
2018-02-05 06:57 - 2018-02-06 03:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 06:57 - 2018-02-06 03:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-31 16:04 - 2018-01-31 16:04 - 000093839 _____ C:\Users\mamka\Desktop\zrcadleni.php
2018-01-28 13:34 - 2018-01-28 13:34 - 000365258 _____ C:\Users\mamka\Desktop\Wellness pobyt v Trenčianských Teplicích _ Slevomat.cz.html
2018-01-28 13:34 - 2018-01-28 13:34 - 000000000 ____D C:\Users\mamka\Desktop\Wellness pobyt v Trenčianských Teplicích _ Slevomat.cz_soubory

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-19 17:29 - 2017-12-24 21:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-19 17:05 - 2016-12-17 12:48 - 000000000 ____D C:\Users\mamka\AppData\LocalLow\Mozilla
2018-02-19 17:04 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-19 16:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-19 16:59 - 2016-12-26 09:20 - 000704943 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-02-19 16:57 - 2017-12-24 22:12 - 001871450 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-19 16:57 - 2017-09-30 15:31 - 000800836 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-19 16:57 - 2017-09-30 15:31 - 000165380 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-19 16:55 - 2017-12-24 22:17 - 000000000 ___RD C:\Users\mamka\3D Objects
2018-02-19 16:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-19 16:55 - 2016-11-21 05:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-19 16:54 - 2017-07-20 16:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-19 16:54 - 2016-11-19 09:31 - 000000000 __SHD C:\Users\mamka\IntelGraphicsProfiles
2018-02-19 16:52 - 2017-12-24 22:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-19 16:52 - 2017-12-24 21:54 - 000248184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-19 16:52 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-19 16:52 - 2016-12-17 12:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-19 16:52 - 2016-12-17 12:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-19 16:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-19 16:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-19 16:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-19 16:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-19 16:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-19 16:49 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-19 15:26 - 2016-12-17 12:41 - 000000000 ____D C:\Users\mamka\AppData\Roaming\Skype
2018-02-18 10:56 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-14 20:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-14 19:38 - 2017-01-16 20:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 19:34 - 2017-10-11 13:58 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 19:34 - 2017-01-16 20:15 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-13 21:40 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-13 21:07 - 2017-12-24 22:15 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-147898541-2157023476-1376344096-1001
2018-02-13 21:07 - 2017-01-28 09:44 - 000002394 _____ C:\Users\mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-13 21:07 - 2016-11-19 09:35 - 000000000 ___RD C:\Users\mamka\OneDrive
2018-02-12 16:29 - 2016-12-17 12:43 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-06 11:32 - 2017-08-06 14:31 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-05 06:54 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-05 06:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-02-05 06:53 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-05 06:53 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-24 19:25 - 2016-12-26 09:18 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2016-11-19 09:31 - 2018-02-19 16:55 - 002629973 _____ () C:\Users\mamka\AppData\Local\BTServer.log

Some files in TEMP:
====================
2018-02-14 19:38 - 2018-02-14 19:38 - 021730672 _____ (SweetLabs,Inc.) C:\Users\mamka\AppData\Local\Temp\octF7D0.tmp.exe
2015-08-14 13:29 - 2015-07-29 21:08 - 000681097 _____ (SQLite Development Team) C:\Users\mamka\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-18 12:26

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\mamka\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Ran by mamka (19-02-2018 18:16:07) Run:1
Running from C:\Users\mamka\Desktop
Loaded Profiles: mamka (Available Profiles: mamka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\mamka\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-147898541-2157023476-1376344096-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\mamka\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17049980 B
Java, Flash, Steam htmlcache => 6238692 B
Windows/system/drivers => 411026 B
Edge => 3030545 B
Chrome => 10130561 B
Firefox => 407440244 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 108736 B
mamka => 751711 B

RecycleBin => 0 B
EmptyTemp: => 431.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:17:24 ====

Smazáno. Nastala nějaká změna?

Ano, zdá se to být podstatně rychlejší. Děkuji za pomoc a ochotu.

Rádo se stalo!