VIRY.CZ

Dobrý večer všem,
notebook mé kamarádky na každé "flešce" změní všechny soubory na zástupce a ještě tam přidá další složky např. system volume information.
Prosím o pomoc s řešením, přikládám log z FRST i s připojenou "fleškou". Ještě bych se rád zeptal, zda bude možné opravit i tu "flešku" která není jediná....
Předem díky,
V.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by oem (administrator) on DESKTOP-L4B4T40 (06-03-2018 21:43:36)
Running from C:\Users\oem\Downloads
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 10 Enterprise Version 1703 15063.909 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2182568 2018-01-09] (COMODO)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {0251b8c5-f8f5-11e7-b93c-0024216d289c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {30419bd9-989d-11e7-b924-0024216d289c} - "F:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{84f6aa1a-560d-45a0-b5ea-f68d25b6d4d5}: [DhcpNameServer] 192.168.3.10 19.168.3.1
Tcpip\..\Interfaces\{cd9e4798-fc2f-452f-969d-b59cc846fdd5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-05] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10962648 2018-01-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2875816 2018-01-09] (COMODO)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2017-12-29] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2017-12-29] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50776 2017-12-29] (COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133384 2017-12-29] (COMODO)
R1 MpKslf557bfe5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3F4803C8-AE90-473B-A51B-34B1C02A241A}\MpKslf557bfe5.sys [58120 2018-03-06] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S1 swnvftwl; C:\WINDOWS\system32\drivers\swnvftwl.sys [72816 2018-03-06] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 21:43 - 2018-03-06 21:44 - 000009862 _____ C:\Users\oem\Downloads\FRST.txt
2018-03-06 21:43 - 2018-03-06 21:43 - 000000000 ____D C:\FRST
2018-03-06 21:40 - 2018-03-06 21:40 - 002403328 _____ (Farbar) C:\Users\oem\Downloads\FRST64 (1).exe
2018-03-06 21:37 - 2018-03-06 21:37 - 000000629 _____ C:\Users\oem\Desktop\FRSTLauncher – zástupce.lnk
2018-03-06 21:35 - 2018-03-06 21:35 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swnvftwl.sys
2018-03-06 21:35 - 2018-03-06 21:35 - 000000000 _____ C:\Users\oem\Downloads\FRSTLauncher.exe
2018-03-06 21:23 - 2018-03-06 21:43 - 000001466 _____ C:\Users\oem\Desktop\FRST64 – zástupce.lnk
2018-03-06 21:23 - 2018-03-06 21:23 - 002403328 _____ (Farbar) C:\Users\oem\Downloads\FRST64.exe
2018-03-06 21:18 - 2018-03-06 21:18 - 000000000 ____D C:\rsit
2018-03-06 21:18 - 2018-03-06 21:18 - 000000000 ____D C:\Program Files\trend micro
2018-03-06 21:17 - 2018-03-06 21:17 - 001222144 _____ C:\Users\oem\Downloads\RSITx64.exe
2018-03-06 13:33 - 2018-03-06 13:33 - 000015094 _____ C:\Users\oem\Downloads\rezervace-2018-03-06 (2).xlsx
2018-03-06 13:31 - 2018-03-06 13:31 - 000018331 _____ C:\Users\oem\Desktop\trenérský seminář - 7.3. 2018 Dago.xlsx
2018-03-06 11:05 - 2018-03-06 11:05 - 000015001 _____ C:\Users\oem\Downloads\rezervace-2018-03-06 (1).xlsx
2018-03-06 10:55 - 2018-03-06 10:55 - 000012344 _____ C:\Users\oem\Downloads\rezervace-2018-03-06.xlsx
2018-03-05 15:50 - 2018-03-05 15:50 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd (2).exe
2018-03-05 11:43 - 2018-03-05 11:49 - 924794762 _____ C:\Users\oem\Downloads\Jumanji Welcome to the Jungle (2017) CZtit. NOVINKA OBRAZE.avi
2018-03-02 00:27 - 2018-03-02 00:27 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-02-23 16:09 - 2018-02-23 16:10 - 000425819 _____ C:\Users\oem\Desktop\ON kluci - seznam.pdf
2018-02-22 12:36 - 2018-02-22 12:37 - 027568551 _____ C:\Users\oem\Desktop\ON kluci.rar
2018-02-22 12:33 - 2018-02-22 12:35 - 000000000 ____D C:\Users\oem\Desktop\ON kluci
2018-02-22 12:32 - 2018-02-22 12:35 - 000000000 ____D C:\Users\oem\Desktop\prilohy_86548
2018-02-22 12:30 - 2018-02-22 12:34 - 000000000 ____D C:\Users\oem\Desktop\prilohy_86536
2018-02-22 12:30 - 2018-02-22 12:30 - 007420362 _____ C:\Users\oem\Downloads\prilohy_86548.zip
2018-02-22 12:29 - 2018-02-22 12:29 - 010804361 _____ C:\Users\oem\Downloads\prilohy_86542.zip
2018-02-22 12:28 - 2018-02-22 12:28 - 009471657 _____ C:\Users\oem\Downloads\prilohy_86536.zip
2018-02-19 14:40 - 2018-03-02 00:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-18 22:39 - 2018-02-10 05:54 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-18 22:39 - 2018-02-10 05:54 - 000556352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-18 22:39 - 2018-02-10 05:53 - 000277384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-18 22:39 - 2018-02-10 05:52 - 000079600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-18 22:39 - 2018-02-10 05:52 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-18 22:39 - 2018-02-10 05:51 - 006769312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-18 22:39 - 2018-02-10 05:49 - 000154488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2018-02-18 22:39 - 2018-02-10 05:42 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-18 22:39 - 2018-02-10 05:41 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2018-02-18 22:39 - 2018-02-10 05:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-18 22:39 - 2018-02-10 05:38 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2018-02-18 22:39 - 2018-02-10 05:37 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-18 22:39 - 2018-02-10 05:35 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-18 22:39 - 2018-02-10 05:33 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-18 22:39 - 2018-02-10 05:33 - 001172480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-02-18 22:39 - 2018-02-10 05:32 - 003425280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-18 22:39 - 2018-02-10 05:31 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-18 22:39 - 2018-02-10 05:31 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-18 22:39 - 2018-02-10 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-18 22:39 - 2018-02-10 05:29 - 004558848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-18 22:39 - 2018-02-10 05:26 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2018-02-18 22:39 - 2018-02-10 05:24 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vss_ps.dll
2018-02-18 22:39 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-02-18 22:39 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2018-02-18 22:39 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-02-18 22:39 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2018-02-18 22:39 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 004004984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000923256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000837240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000653432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000061048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-18 22:38 - 2018-02-10 05:54 - 002605272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-02-18 22:38 - 2018-02-10 05:54 - 001465864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-02-18 22:38 - 2018-02-10 05:51 - 004672336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-18 22:38 - 2018-02-10 05:51 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-18 22:38 - 2018-02-10 05:40 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2018-02-18 22:38 - 2018-02-10 05:39 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-18 22:38 - 2018-02-10 05:35 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-18 22:38 - 2018-02-10 05:32 - 006259200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-18 22:38 - 2018-02-10 05:32 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-02-18 22:38 - 2018-02-10 05:31 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-18 22:38 - 2018-02-10 05:30 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-02-18 22:38 - 2018-02-10 05:30 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-18 22:38 - 2018-02-10 05:29 - 003653632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-18 22:38 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-18 22:38 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2018-02-18 22:38 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-02-18 22:37 - 2018-02-10 06:03 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-18 22:37 - 2018-02-10 06:00 - 002260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-02-18 22:37 - 2018-02-10 05:54 - 000025504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkPS.dll
2018-02-18 22:37 - 2018-02-10 05:53 - 000613688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-02-18 22:37 - 2018-02-10 05:49 - 000583664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-02-18 22:37 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-18 22:37 - 2018-02-10 05:37 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-18 22:37 - 2018-02-10 05:37 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-18 22:37 - 2018-02-10 05:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-18 22:37 - 2018-02-10 05:35 - 020513792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-18 22:37 - 2018-02-10 05:35 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-18 22:37 - 2018-02-10 05:33 - 019350528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-18 22:37 - 2018-02-10 05:33 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-18 22:37 - 2018-02-10 05:30 - 005227008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-02-18 22:37 - 2018-02-10 05:30 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2018-02-18 22:37 - 2018-02-10 05:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-18 22:37 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-02-18 22:37 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-02-18 22:37 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-18 22:21 - 2018-02-10 06:26 - 000650872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-18 22:19 - 2018-02-10 06:35 - 000022904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-18 22:19 - 2018-02-10 06:26 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-02-18 22:19 - 2018-02-10 06:25 - 000349752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-18 22:19 - 2018-02-10 06:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-18 22:19 - 2018-02-10 05:42 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-18 22:19 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-18 22:19 - 2018-02-10 05:30 - 004507136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-18 22:19 - 2018-02-10 05:29 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-18 22:19 - 2018-02-10 05:28 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-18 22:19 - 2018-02-10 05:27 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-18 22:19 - 2018-02-10 05:23 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2018-02-18 22:19 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2018-02-18 22:18 - 2018-02-10 05:37 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2018-02-18 22:18 - 2018-02-10 05:36 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2018-02-18 22:18 - 2018-02-10 05:34 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-02-18 22:18 - 2018-02-10 05:30 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-02-18 22:18 - 2018-02-10 05:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-02-18 22:18 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-18 22:18 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-02-18 22:17 - 2018-02-10 06:32 - 001018776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-02-18 22:17 - 2018-02-10 06:22 - 021354728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-18 22:17 - 2018-02-10 06:20 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-18 22:17 - 2018-02-10 05:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2018-02-18 22:17 - 2018-02-10 05:38 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-18 22:17 - 2018-02-10 05:35 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-02-18 22:17 - 2018-02-10 05:35 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-02-18 22:17 - 2018-02-10 05:33 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-18 22:17 - 2018-02-10 05:33 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-18 22:17 - 2018-02-10 05:31 - 008175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-18 22:17 - 2018-02-10 05:30 - 004720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-18 22:17 - 2018-02-10 05:29 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-02-18 22:17 - 2018-02-10 05:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-18 22:17 - 2018-02-10 05:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 005008504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 001235576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000988792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000893048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-18 22:17 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-02-18 22:17 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-02-18 22:17 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-18 22:17 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-02-18 22:16 - 2018-02-10 06:25 - 001667824 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-02-18 22:16 - 2018-02-10 06:24 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-18 22:16 - 2018-02-10 05:28 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-18 22:16 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-02-18 22:16 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-18 22:16 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-02-18 22:16 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-02-18 22:16 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-02-18 22:16 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-02-18 22:16 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-02-18 22:15 - 2018-02-10 06:38 - 008344984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-18 22:15 - 2018-02-10 06:25 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-02-18 22:15 - 2018-02-10 05:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-02-18 22:15 - 2018-02-10 05:33 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-18 22:15 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-02-18 22:14 - 2018-02-10 20:15 - 001161216 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-02-18 22:14 - 2018-02-10 06:35 - 000519576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-18 22:14 - 2018-02-10 06:25 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-18 22:14 - 2018-02-10 06:24 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-18 22:14 - 2018-02-10 06:23 - 004709008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-18 22:14 - 2018-02-10 06:22 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-18 22:14 - 2018-02-10 06:20 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2018-02-18 22:14 - 2018-02-10 05:40 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2018-02-18 22:14 - 2018-02-10 05:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2018-02-18 22:14 - 2018-02-10 05:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-18 22:14 - 2018-02-10 05:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-18 22:14 - 2018-02-10 05:34 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-18 22:14 - 2018-02-10 05:31 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-18 22:14 - 2018-02-01 22:28 - 000125015 ____R C:\WINDOWS\system32\CaptureCountdown.hcp
2018-02-18 22:14 - 2018-02-01 22:28 - 000119017 ____R C:\WINDOWS\system32\CaptureBrackets.hcp
2018-02-18 22:14 - 2018-02-01 22:28 - 000017806 ____R C:\WINDOWS\system32\CaptureToast.hcp
2018-02-18 22:14 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2018-02-18 22:14 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-18 22:14 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-02-18 22:14 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-02-18 22:14 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2018-02-18 22:14 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2018-02-18 22:13 - 2018-02-10 06:32 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-18 22:13 - 2018-02-10 06:26 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2018-02-18 22:13 - 2018-02-10 05:56 - 023681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-18 22:13 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-18 22:13 - 2018-02-10 05:38 - 023697408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-18 22:13 - 2018-02-10 05:36 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-18 22:13 - 2018-02-10 05:36 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-18 22:13 - 2018-02-10 05:35 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-18 22:13 - 2018-02-10 05:35 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-18 22:13 - 2018-02-10 05:32 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-18 22:13 - 2018-02-10 05:31 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-18 22:13 - 2018-02-10 05:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-18 22:13 - 2018-02-10 05:28 - 002007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-02-18 22:13 - 2018-02-10 05:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-18 22:13 - 2018-02-10 05:26 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-02-18 22:13 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-02-18 22:12 - 2018-02-10 06:48 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-18 22:12 - 2018-02-10 06:47 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-18 22:12 - 2018-02-10 06:47 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-18 22:12 - 2018-02-10 06:44 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-18 22:12 - 2018-02-10 06:41 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-18 22:12 - 2018-02-10 06:40 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-18 22:12 - 2018-02-10 06:31 - 002970424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-02-18 22:12 - 2018-02-10 06:31 - 000381848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-18 22:12 - 2018-02-10 06:24 - 000727848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-02-18 22:12 - 2018-02-10 06:23 - 000070344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-18 22:12 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-02-18 22:12 - 2018-02-10 05:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-02-18 22:12 - 2018-02-10 05:33 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-18 22:12 - 2018-02-10 05:33 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-18 22:12 - 2018-02-10 05:32 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-02-18 22:12 - 2018-02-10 05:30 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-02-18 22:12 - 2018-02-10 05:30 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-02-18 22:12 - 2018-02-10 05:29 - 004398080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2018-02-18 22:12 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-18 22:12 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-02-18 22:12 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-18 22:11 - 2018-02-10 06:56 - 001066120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-18 22:11 - 2018-02-10 06:49 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-18 22:11 - 2018-02-10 06:48 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-18 22:11 - 2018-02-10 06:47 - 000387488 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-18 22:11 - 2018-02-10 06:44 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-18 22:11 - 2018-02-10 06:40 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-18 22:11 - 2018-02-10 06:37 - 001188552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-18 22:11 - 2018-02-10 06:36 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-18 22:11 - 2018-02-10 06:26 - 000093568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-18 22:11 - 2018-02-10 05:36 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-18 22:11 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-18 22:10 - 2018-02-10 06:41 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-18 22:10 - 2018-02-10 06:38 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-02-18 22:10 - 2018-02-10 06:37 - 000272792 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-18 22:10 - 2018-02-10 06:35 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-18 22:10 - 2018-02-10 06:35 - 001021336 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-18 22:10 - 2018-02-10 06:30 - 000923584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-02-18 22:10 - 2018-02-10 06:29 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-18 22:10 - 2018-02-10 06:24 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-18 22:10 - 2018-02-10 05:34 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-18 22:10 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-02-18 22:10 - 2018-01-12 01:12 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001694616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001091488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000987040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000855968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000406936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000235416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-02-18 22:10 - 2018-01-12 01:12 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-02-18 22:10 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-02-18 22:10 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-02-18 22:08 - 2018-02-10 05:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-18 22:08 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-02-18 22:08 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-02-18 22:08 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-02-18 20:51 - 2018-02-18 20:51 - 010523251 _____ C:\Users\oem\Downloads\prilohy_86361.zip
2018-02-18 20:51 - 2018-02-18 20:51 - 009545852 _____ C:\Users\oem\Downloads\prilohy_86355.zip
2018-02-13 11:29 - 2018-02-13 11:29 - 000472651 _____ C:\Users\oem\Desktop\Novinařský kalamář.pdf
2018-02-13 11:17 - 2018-02-13 11:17 - 000122735 _____ C:\Users\oem\Downloads\Microsoft Word - novinářský kalamář - dopis na školy 2017.pdf
2018-02-13 11:10 - 2018-02-13 11:10 - 000361271 _____ C:\Users\oem\Desktop\přihláška do VŘ NK 2018.pdf
2018-02-11 21:16 - 2018-02-11 21:16 - 000432008 _____ C:\Users\oem\Desktop\pozvánka na ON - chlapci.pdf
2018-02-11 20:46 - 2018-02-11 20:46 - 000538871 _____ C:\Users\oem\Downloads\plán akcí ON.pdf
2018-02-11 20:46 - 2018-02-11 20:46 - 000432492 _____ C:\Users\oem\Downloads\ON - chlapci.pdf
2018-02-10 21:09 - 2018-02-10 21:09 - 000052736 _____ C:\Users\oem\Downloads\1Tabulka_HD_2018.xls
2018-02-09 21:44 - 2018-02-09 21:44 - 000015660 _____ C:\Users\oem\Downloads\DHK Zora Olomouc.xlsx
2018-02-09 21:23 - 2018-02-09 21:23 - 000563481 _____ C:\Users\oem\Downloads\zápis_turnaj.xlsm
2018-02-09 21:16 - 2018-02-09 21:16 - 020122701 _____ C:\Users\oem\Desktop\Žeravice.rar
2018-02-09 21:16 - 2018-02-09 21:16 - 014560645 _____ C:\Users\oem\Desktop\7.2.rar
2018-02-09 20:57 - 2018-02-10 21:20 - 000000000 ____D C:\Users\oem\Desktop\Házenkářský desetiboj - kvalifikace
2018-02-09 20:46 - 2018-02-09 20:46 - 000000000 ____D C:\Users\oem\Desktop\7.2
2018-02-09 20:41 - 2018-02-09 20:42 - 000000000 ____D C:\Users\oem\Desktop\Žeravice
2018-02-07 09:43 - 2018-02-07 09:43 - 000013163 _____ C:\Users\oem\Downloads\rezervace-2018-02-07.xlsx
2018-02-07 07:46 - 2018-02-07 07:46 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd.exe
2018-02-07 07:46 - 2018-02-07 07:46 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd (1).exe
2018-02-05 20:31 - 2018-02-05 20:46 - 000000000 ____D C:\Users\oem\Desktop\dago - pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 21:39 - 2018-01-05 09:32 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-03-06 21:20 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-06 21:20 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-06 21:14 - 2017-09-03 04:33 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9E643D7-5052-482B-9F7F-BA781EDA711C}
2018-03-06 21:10 - 2017-09-03 04:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-06 17:46 - 2017-09-03 04:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-06 09:31 - 2017-09-03 04:20 - 000000000 ____D C:\Users\oem
2018-03-06 00:00 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-03-02 00:26 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2018-02-28 05:03 - 2017-09-01 16:53 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-28 04:40 - 2017-09-03 04:37 - 000095253 _____ C:\WINDOWS\diagwrn.xml
2018-02-28 04:40 - 2017-09-03 04:37 - 000095253 _____ C:\WINDOWS\diagerr.xml
2018-02-28 03:18 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-28 03:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2018-02-28 03:02 - 2017-09-30 16:02 - 000000000 ___HD C:\$WINDOWS.~BT
2018-02-28 01:57 - 2017-09-03 04:33 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-28 00:47 - 2017-07-01 13:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 00:47 - 2017-07-01 13:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-25 00:54 - 2017-08-03 07:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-23 23:43 - 2018-01-12 14:47 - 000000000 ____D C:\Program Files\rempl
2018-02-22 12:55 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-02-19 14:44 - 2017-06-01 01:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-19 14:38 - 2017-09-03 04:11 - 000392432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-19 14:35 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2018-02-19 14:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-02-19 14:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-19 14:33 - 2017-03-20 06:01 - 000000000 ____D C:\WINDOWS\HoloShell
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-19 14:33 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-18 23:15 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-18 23:06 - 2017-05-31 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-18 23:02 - 2017-10-10 21:26 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-18 23:02 - 2017-05-31 16:49 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-18 20:24 - 2017-09-03 04:33 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3399608290-4279254374-1781565460-1001
2018-02-18 20:24 - 2017-08-03 07:40 - 000002385 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-18 20:24 - 2017-06-01 01:07 - 000000000 ___RD C:\Users\oem\OneDrive
2018-02-13 09:55 - 2018-01-05 10:10 - 000006384 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2018-02-09 19:59 - 2017-05-31 16:52 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-06 14:17 - 2017-09-03 04:33 - 000004662 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 14:17 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 14:17 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-05 20:44 - 2018-01-22 10:09 - 000000000 ____D C:\Users\oem\Desktop\pozvánky Dago

==================== Files in the root of some directories =======

2017-12-14 21:58 - 2015-09-21 09:33 - 000019068 ___SH () C:\Users\oem\AppData\Roaming\Microsoft\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs

Some files in TEMP:
====================
2018-01-05 11:38 - 2018-01-05 11:38 - 001856576 _____ (Oracle Corporation) C:\Users\oem\AppData\Local\Temp\jre-8u151-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-04 09:52

==================== End of FRST.txt ============================

Zdravím!
Pusťtě na to USBFix: http://www.stahuj.centrum.cz/utility_a_ ... ve/usbfix/ . Dejte log.

Zdravím,
když spustím USBFix, zobrazí se upozornění na novou verzi, kde je jediná volba a to OK. Přesměruje mě to na web, kde se mi ale nedaří stáhnout tu free verzi....můžete se na to podívat, případně poradit?
Díky....
Tak nakonec jsem to dokázal stáhnout, přikládám tedy log

############################## | UsbFix Premium V 10.016 | [Full scan]

User: oem (Administrator) # DESKTOP-L4B4T40
Updated 17/02/2018 by SOSVirus
Started at 22:57:35 | 06/03/2018

Website : https://www.usb-antivirus.com/ https://www.usb-antivirus.com/
Contact : https://www.usb-antivirus.com/contact/ https://www.usb-antivirus.com/contact/

################## | System information |

MB: MSI (MS-163K)
CPU: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz
RAM -> [Total : 4061 Mo | Free : 1828 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 10 Enterprise (6.3.15063 64-Bit)
WB: Internet Explorer : 11.00.15063.0
WB: Microsoft Edge : 11.00.15063.909 (WinBuild.160101.0800)
WB: Google Chrome : 64.0.3282.186

################## | Security Information |

AV: Windows Defender [Enabled |Updated]
AV: COMODO Antivirus [(!) Disabled |Updated]
AS: Windows Defender [Enabled |Updated]
AS: COMODO Advanced Protection [(!) Disabled |Updated]
FW: COMODO Firewall [(!) Disabled]
FW: Windows Firewall [(!) Disabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 297 Gb (217 Gb free - 73%) [] # NTFS
E:\ -> CD-ROM # 693 Mb (0 Mb free - 0%) [hbc] # UDF
F:\ -> Removable disk # 8 Gb (445 Mb free - 6%) [] # FAT32

################## | Autorun |

F:\trenink.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\Kong, Ostrov lebek, (2017,cz,dabing,HQ)ddd.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\Piráti z Karibiku Salazarova pomsta (2017) CZ dabing.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\Belka_Hry.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\brankarky.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\video_pondeli.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\seminar_fyzioterapie.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\video_bystrice.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\video_bystrice_golmani.lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\Suicide Squad (CZ-dabing, akční, BRRip, 2016).lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
F:\Deadpool CZ dabing (2016).lnk -> F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs

################## | Generic Research | Full scan |

Not selected! F:\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
Not selected! F:\.lnk
Not selected! F:\2.lnk
Not selected! F:\trenink.lnk
Not selected! F:\Kong, Ostrov lebek, (2017,cz,dabing,HQ)ddd.lnk
Not selected! F:\Piráti z Karibiku Salazarova pomsta (2017) CZ dabing.lnk
Not selected! F:\Belka_Hry.lnk
Not selected! F:\brankarky.lnk
Not selected! F:\video_pondeli.lnk
Not selected! F:\seminar_fyzioterapie.lnk
Not selected! F:\video_bystrice.lnk
Not selected! F:\video_bystrice_golmani.lnk
Not selected! F:\Suicide Squad (CZ-dabing, akční, BRRip, 2016).lnk
Not selected! F:\Deadpool CZ dabing (2016).lnk
Not selected! F:\System Volume Information.lnk
Not selected! F:\FOUND.000.lnk
Not selected! C:\Users\oem\AppData\Local\Temp\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
Not selected! C:\Users\oem\AppData\Roaming\Microsoft\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs
Not selected! C:\VTRoot\HarddiskVolume2\Users\oem\AppData\Local\Temp\KMS Activator all windows 7-10 and office 2013-2016 (Crack).vbs

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\oem\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - [x64] HKLM\..\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
04 - [x64] HKLM\..\Run : [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
04 - [x64] HKLM\..\Run : [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\..\Run : [OneDrive] "C:\Users\oem\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\..\Run : [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

################## | E.O.F |

V programu je třeba po skenu kliknout na delete a disinfected.

nechtěl jsem tam nic mazat, takze vycistim, vylecim a potom mam udelat log z FRST?

Ano.

USBFix free 2018 - verze 10.016 má pouze možnost clean all, provedeno, poté FRST, log vkládám


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by oem (administrator) on DESKTOP-L4B4T40 (07-03-2018 15:30:16)
Running from C:\Users\oem\Downloads
Loaded Profiles: oem (Available Profiles: oem)
Platform: Windows 10 Enterprise Version 1703 15063.909 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\UsbFix\UsbFix.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\coredpussvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2182568 2018-01-09] (COMODO)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {0251b8c5-f8f5-11e7-b93c-0024216d289c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {30419bd9-989d-11e7-b924-0024216d289c} - "F:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{84f6aa1a-560d-45a0-b5ea-f68d25b6d4d5}: [DhcpNameServer] 192.168.3.10 19.168.3.1
Tcpip\..\Interfaces\{cd9e4798-fc2f-452f-969d-b59cc846fdd5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-05] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-05] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-05] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2018-03-07]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10962648 2018-01-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2875816 2018-01-09] (COMODO)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-26] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2017-12-29] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2017-12-29] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50776 2017-12-29] (COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133384 2017-12-29] (COMODO)
R1 MpKslf557bfe5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3F4803C8-AE90-473B-A51B-34B1C02A241A}\MpKslf557bfe5.sys [58120 2018-03-06] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S1 swnvftwl; C:\WINDOWS\system32\drivers\swnvftwl.sys [72816 2018-03-06] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-07 15:28 - 2018-03-07 15:29 - 000005201 _____ C:\Users\oem\Desktop\UsbFix_Report.txt
2018-03-06 22:22 - 2018-03-06 22:57 - 000001513 _____ C:\Users\oem\Desktop\UsbFix_2018 – zástupce.lnk
2018-03-06 22:14 - 2018-03-06 22:57 - 000001962 _____ C:\Users\oem\Desktop\UsbFix Anti-Malware.lnk
2018-03-06 22:14 - 2018-03-06 22:57 - 000000000 ____D C:\Program Files (x86)\UsbFix
2018-03-06 22:12 - 2018-03-06 22:55 - 007092208 _____ (SOSVirus) C:\Users\oem\Downloads\UsbFix_2018.exe
2018-03-06 21:46 - 2018-03-06 21:47 - 000031342 _____ C:\Users\oem\Downloads\Addition.txt
2018-03-06 21:43 - 2018-03-07 15:31 - 000010435 _____ C:\Users\oem\Downloads\FRST.txt
2018-03-06 21:43 - 2018-03-07 15:30 - 000000000 ____D C:\FRST
2018-03-06 21:40 - 2018-03-06 21:40 - 002403328 _____ (Farbar) C:\Users\oem\Downloads\FRST64 (1).exe
2018-03-06 21:37 - 2018-03-06 21:37 - 000000629 _____ C:\Users\oem\Desktop\FRSTLauncher – zástupce.lnk
2018-03-06 21:35 - 2018-03-06 21:35 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swnvftwl.sys
2018-03-06 21:35 - 2018-03-06 21:35 - 000000000 _____ C:\Users\oem\Downloads\FRSTLauncher.exe
2018-03-06 21:23 - 2018-03-07 15:30 - 000001466 _____ C:\Users\oem\Desktop\FRST64 – zástupce.lnk
2018-03-06 21:23 - 2018-03-06 21:23 - 002403328 _____ (Farbar) C:\Users\oem\Downloads\FRST64.exe
2018-03-06 21:18 - 2018-03-06 21:18 - 000000000 ____D C:\rsit
2018-03-06 21:18 - 2018-03-06 21:18 - 000000000 ____D C:\Program Files\trend micro
2018-03-06 21:17 - 2018-03-06 21:17 - 001222144 _____ C:\Users\oem\Downloads\RSITx64.exe
2018-03-06 13:33 - 2018-03-06 13:33 - 000015094 _____ C:\Users\oem\Downloads\rezervace-2018-03-06 (2).xlsx
2018-03-06 13:31 - 2018-03-06 13:31 - 000018331 _____ C:\Users\oem\Desktop\trenérský seminář - 7.3. 2018 Dago.xlsx
2018-03-06 11:05 - 2018-03-06 11:05 - 000015001 _____ C:\Users\oem\Downloads\rezervace-2018-03-06 (1).xlsx
2018-03-06 10:55 - 2018-03-06 10:55 - 000012344 _____ C:\Users\oem\Downloads\rezervace-2018-03-06.xlsx
2018-03-05 15:50 - 2018-03-05 15:50 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd (2).exe
2018-03-05 11:43 - 2018-03-05 11:49 - 924794762 _____ C:\Users\oem\Downloads\Jumanji Welcome to the Jungle (2017) CZtit. NOVINKA OBRAZE.avi
2018-03-02 00:27 - 2018-03-02 00:27 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-02-23 16:09 - 2018-02-23 16:10 - 000425819 _____ C:\Users\oem\Desktop\ON kluci - seznam.pdf
2018-02-22 12:36 - 2018-02-22 12:37 - 027568551 _____ C:\Users\oem\Desktop\ON kluci.rar
2018-02-22 12:33 - 2018-02-22 12:35 - 000000000 ____D C:\Users\oem\Desktop\ON kluci
2018-02-22 12:32 - 2018-02-22 12:35 - 000000000 ____D C:\Users\oem\Desktop\prilohy_86548
2018-02-22 12:30 - 2018-02-22 12:34 - 000000000 ____D C:\Users\oem\Desktop\prilohy_86536
2018-02-22 12:30 - 2018-02-22 12:30 - 007420362 _____ C:\Users\oem\Downloads\prilohy_86548.zip
2018-02-22 12:29 - 2018-02-22 12:29 - 010804361 _____ C:\Users\oem\Downloads\prilohy_86542.zip
2018-02-22 12:28 - 2018-02-22 12:28 - 009471657 _____ C:\Users\oem\Downloads\prilohy_86536.zip
2018-02-19 14:40 - 2018-03-02 00:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-18 22:39 - 2018-02-10 05:54 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-18 22:39 - 2018-02-10 05:54 - 000556352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-18 22:39 - 2018-02-10 05:53 - 000277384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-18 22:39 - 2018-02-10 05:52 - 000079600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-18 22:39 - 2018-02-10 05:52 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-18 22:39 - 2018-02-10 05:51 - 006769312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-18 22:39 - 2018-02-10 05:49 - 000154488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2018-02-18 22:39 - 2018-02-10 05:42 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-18 22:39 - 2018-02-10 05:41 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2018-02-18 22:39 - 2018-02-10 05:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-18 22:39 - 2018-02-10 05:38 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2018-02-18 22:39 - 2018-02-10 05:37 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-18 22:39 - 2018-02-10 05:35 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-18 22:39 - 2018-02-10 05:33 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-18 22:39 - 2018-02-10 05:33 - 001172480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-02-18 22:39 - 2018-02-10 05:32 - 003425280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-18 22:39 - 2018-02-10 05:31 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-18 22:39 - 2018-02-10 05:31 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-18 22:39 - 2018-02-10 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-18 22:39 - 2018-02-10 05:29 - 004558848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-18 22:39 - 2018-02-10 05:26 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2018-02-18 22:39 - 2018-02-10 05:24 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vss_ps.dll
2018-02-18 22:39 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-02-18 22:39 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2018-02-18 22:39 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-02-18 22:39 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2018-02-18 22:39 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 004004984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000923256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000837240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000653432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-18 22:39 - 2017-12-19 02:38 - 000061048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-18 22:38 - 2018-02-10 05:54 - 002605272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-02-18 22:38 - 2018-02-10 05:54 - 001465864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-02-18 22:38 - 2018-02-10 05:51 - 004672336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-18 22:38 - 2018-02-10 05:51 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-18 22:38 - 2018-02-10 05:40 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2018-02-18 22:38 - 2018-02-10 05:39 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-18 22:38 - 2018-02-10 05:35 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-18 22:38 - 2018-02-10 05:34 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-18 22:38 - 2018-02-10 05:32 - 006259200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-18 22:38 - 2018-02-10 05:32 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-02-18 22:38 - 2018-02-10 05:31 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-18 22:38 - 2018-02-10 05:30 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-02-18 22:38 - 2018-02-10 05:30 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-18 22:38 - 2018-02-10 05:29 - 003653632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-18 22:38 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-18 22:38 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2018-02-18 22:38 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-02-18 22:37 - 2018-02-10 06:03 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-18 22:37 - 2018-02-10 06:00 - 002260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-02-18 22:37 - 2018-02-10 05:54 - 000025504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkPS.dll
2018-02-18 22:37 - 2018-02-10 05:53 - 000613688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-02-18 22:37 - 2018-02-10 05:49 - 000583664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-02-18 22:37 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-18 22:37 - 2018-02-10 05:37 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-18 22:37 - 2018-02-10 05:37 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-18 22:37 - 2018-02-10 05:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-18 22:37 - 2018-02-10 05:35 - 020513792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-18 22:37 - 2018-02-10 05:35 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-18 22:37 - 2018-02-10 05:33 - 019350528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-18 22:37 - 2018-02-10 05:33 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-18 22:37 - 2018-02-10 05:30 - 005227008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-02-18 22:37 - 2018-02-10 05:30 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2018-02-18 22:37 - 2018-02-10 05:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-18 22:37 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-02-18 22:37 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-02-18 22:37 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-18 22:21 - 2018-02-10 06:26 - 000650872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-18 22:19 - 2018-02-10 06:35 - 000022904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-18 22:19 - 2018-02-10 06:26 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-02-18 22:19 - 2018-02-10 06:25 - 000349752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-18 22:19 - 2018-02-10 06:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-18 22:19 - 2018-02-10 05:42 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-18 22:19 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-18 22:19 - 2018-02-10 05:30 - 004507136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-18 22:19 - 2018-02-10 05:29 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-18 22:19 - 2018-02-10 05:28 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-18 22:19 - 2018-02-10 05:27 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-18 22:19 - 2018-02-10 05:23 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2018-02-18 22:19 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2018-02-18 22:18 - 2018-02-10 05:37 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2018-02-18 22:18 - 2018-02-10 05:36 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2018-02-18 22:18 - 2018-02-10 05:34 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-02-18 22:18 - 2018-02-10 05:30 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-02-18 22:18 - 2018-02-10 05:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-02-18 22:18 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-18 22:18 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-02-18 22:17 - 2018-02-10 06:32 - 001018776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-02-18 22:17 - 2018-02-10 06:22 - 021354728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-18 22:17 - 2018-02-10 06:20 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-18 22:17 - 2018-02-10 05:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2018-02-18 22:17 - 2018-02-10 05:38 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-18 22:17 - 2018-02-10 05:35 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-02-18 22:17 - 2018-02-10 05:35 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-02-18 22:17 - 2018-02-10 05:33 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-18 22:17 - 2018-02-10 05:33 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-18 22:17 - 2018-02-10 05:31 - 008175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-18 22:17 - 2018-02-10 05:30 - 004720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-18 22:17 - 2018-02-10 05:29 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-02-18 22:17 - 2018-02-10 05:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-18 22:17 - 2018-02-10 05:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 005008504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 001235576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000988792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000893048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-18 22:17 - 2018-01-13 03:06 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-18 22:17 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-02-18 22:17 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-02-18 22:17 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-18 22:17 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-02-18 22:16 - 2018-02-10 06:25 - 001667824 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-02-18 22:16 - 2018-02-10 06:24 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-18 22:16 - 2018-02-10 05:28 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-18 22:16 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-02-18 22:16 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-18 22:16 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-02-18 22:16 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-02-18 22:16 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-02-18 22:16 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-02-18 22:16 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-02-18 22:16 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-02-18 22:15 - 2018-02-10 06:38 - 008344984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-18 22:15 - 2018-02-10 06:25 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-02-18 22:15 - 2018-02-10 05:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-02-18 22:15 - 2018-02-10 05:33 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-18 22:15 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-02-18 22:14 - 2018-02-10 20:15 - 001161216 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-02-18 22:14 - 2018-02-10 06:35 - 000519576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-18 22:14 - 2018-02-10 06:25 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-18 22:14 - 2018-02-10 06:24 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-18 22:14 - 2018-02-10 06:23 - 004709008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-18 22:14 - 2018-02-10 06:22 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-18 22:14 - 2018-02-10 06:20 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2018-02-18 22:14 - 2018-02-10 05:40 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2018-02-18 22:14 - 2018-02-10 05:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2018-02-18 22:14 - 2018-02-10 05:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-18 22:14 - 2018-02-10 05:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-18 22:14 - 2018-02-10 05:34 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-18 22:14 - 2018-02-10 05:31 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-18 22:14 - 2018-02-01 22:28 - 000125015 ____R C:\WINDOWS\system32\CaptureCountdown.hcp
2018-02-18 22:14 - 2018-02-01 22:28 - 000119017 ____R C:\WINDOWS\system32\CaptureBrackets.hcp
2018-02-18 22:14 - 2018-02-01 22:28 - 000017806 ____R C:\WINDOWS\system32\CaptureToast.hcp
2018-02-18 22:14 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2018-02-18 22:14 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-18 22:14 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-02-18 22:14 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-02-18 22:14 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2018-02-18 22:14 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2018-02-18 22:13 - 2018-02-10 06:32 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-18 22:13 - 2018-02-10 06:26 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2018-02-18 22:13 - 2018-02-10 05:56 - 023681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-18 22:13 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-18 22:13 - 2018-02-10 05:38 - 023697408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-18 22:13 - 2018-02-10 05:36 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-18 22:13 - 2018-02-10 05:36 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-18 22:13 - 2018-02-10 05:35 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-18 22:13 - 2018-02-10 05:35 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-18 22:13 - 2018-02-10 05:32 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-18 22:13 - 2018-02-10 05:31 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-18 22:13 - 2018-02-10 05:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-18 22:13 - 2018-02-10 05:28 - 002007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-02-18 22:13 - 2018-02-10 05:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-18 22:13 - 2018-02-10 05:26 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-02-18 22:13 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-02-18 22:12 - 2018-02-10 06:48 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-18 22:12 - 2018-02-10 06:47 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-18 22:12 - 2018-02-10 06:47 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-18 22:12 - 2018-02-10 06:44 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-18 22:12 - 2018-02-10 06:41 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-18 22:12 - 2018-02-10 06:40 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-18 22:12 - 2018-02-10 06:31 - 002970424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-02-18 22:12 - 2018-02-10 06:31 - 000381848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-18 22:12 - 2018-02-10 06:24 - 000727848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-02-18 22:12 - 2018-02-10 06:23 - 000070344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-18 22:12 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-02-18 22:12 - 2018-02-10 05:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-02-18 22:12 - 2018-02-10 05:33 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-18 22:12 - 2018-02-10 05:33 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-18 22:12 - 2018-02-10 05:32 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-02-18 22:12 - 2018-02-10 05:30 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-02-18 22:12 - 2018-02-10 05:30 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-02-18 22:12 - 2018-02-10 05:29 - 004398080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2018-02-18 22:12 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-18 22:12 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-02-18 22:12 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-18 22:11 - 2018-02-10 06:56 - 001066120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-18 22:11 - 2018-02-10 06:49 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-18 22:11 - 2018-02-10 06:48 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-18 22:11 - 2018-02-10 06:47 - 000387488 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-18 22:11 - 2018-02-10 06:44 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-18 22:11 - 2018-02-10 06:40 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-18 22:11 - 2018-02-10 06:37 - 001188552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-18 22:11 - 2018-02-10 06:36 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-18 22:11 - 2018-02-10 06:26 - 000093568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-18 22:11 - 2018-02-10 05:36 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-18 22:11 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-18 22:10 - 2018-02-10 06:41 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-18 22:10 - 2018-02-10 06:38 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-02-18 22:10 - 2018-02-10 06:37 - 000272792 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-18 22:10 - 2018-02-10 06:35 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-18 22:10 - 2018-02-10 06:35 - 001021336 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-18 22:10 - 2018-02-10 06:30 - 000923584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-02-18 22:10 - 2018-02-10 06:29 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-18 22:10 - 2018-02-10 06:24 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-18 22:10 - 2018-02-10 05:34 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-18 22:10 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-02-18 22:10 - 2018-01-12 01:12 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001694616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 001091488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000987040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000855968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000406936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-02-18 22:10 - 2018-01-12 01:12 - 000235416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-02-18 22:10 - 2018-01-12 01:12 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-02-18 22:10 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-02-18 22:10 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-02-18 22:08 - 2018-02-10 05:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-18 22:08 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-02-18 22:08 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-02-18 22:08 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-02-18 20:51 - 2018-02-18 20:51 - 010523251 _____ C:\Users\oem\Downloads\prilohy_86361.zip
2018-02-18 20:51 - 2018-02-18 20:51 - 009545852 _____ C:\Users\oem\Downloads\prilohy_86355.zip
2018-02-13 11:29 - 2018-02-13 11:29 - 000472651 _____ C:\Users\oem\Desktop\Novinařský kalamář.pdf
2018-02-13 11:17 - 2018-02-13 11:17 - 000122735 _____ C:\Users\oem\Downloads\Microsoft Word - novinářský kalamář - dopis na školy 2017.pdf
2018-02-13 11:10 - 2018-02-13 11:10 - 000361271 _____ C:\Users\oem\Desktop\přihláška do VŘ NK 2018.pdf
2018-02-11 21:16 - 2018-02-11 21:16 - 000432008 _____ C:\Users\oem\Desktop\pozvánka na ON - chlapci.pdf
2018-02-11 20:46 - 2018-02-11 20:46 - 000538871 _____ C:\Users\oem\Downloads\plán akcí ON.pdf
2018-02-11 20:46 - 2018-02-11 20:46 - 000432492 _____ C:\Users\oem\Downloads\ON - chlapci.pdf
2018-02-10 21:09 - 2018-02-10 21:09 - 000052736 _____ C:\Users\oem\Downloads\1Tabulka_HD_2018.xls
2018-02-09 21:44 - 2018-02-09 21:44 - 000015660 _____ C:\Users\oem\Downloads\DHK Zora Olomouc.xlsx
2018-02-09 21:23 - 2018-02-09 21:23 - 000563481 _____ C:\Users\oem\Downloads\zápis_turnaj.xlsm
2018-02-09 21:16 - 2018-02-09 21:16 - 020122701 _____ C:\Users\oem\Desktop\Žeravice.rar
2018-02-09 21:16 - 2018-02-09 21:16 - 014560645 _____ C:\Users\oem\Desktop\7.2.rar
2018-02-09 20:57 - 2018-02-10 21:20 - 000000000 ____D C:\Users\oem\Desktop\Házenkářský desetiboj - kvalifikace
2018-02-09 20:46 - 2018-02-09 20:46 - 000000000 ____D C:\Users\oem\Desktop\7.2
2018-02-09 20:41 - 2018-02-09 20:42 - 000000000 ____D C:\Users\oem\Desktop\Žeravice
2018-02-07 09:43 - 2018-02-07 09:43 - 000013163 _____ C:\Users\oem\Downloads\rezervace-2018-02-07.xlsx
2018-02-07 07:46 - 2018-02-07 07:46 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd.exe
2018-02-07 07:46 - 2018-02-07 07:46 - 000271872 _____ (Microsoft Corporation) C:\Users\oem\Downloads\cmd (1).exe
2018-02-05 20:31 - 2018-02-05 20:46 - 000000000 ____D C:\Users\oem\Desktop\dago - pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-07 15:29 - 2018-01-05 09:32 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-03-07 10:04 - 2017-09-03 04:33 - 000004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9E643D7-5052-482B-9F7F-BA781EDA711C}
2018-03-07 00:00 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-03-06 22:09 - 2017-09-03 04:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-06 21:20 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-06 21:20 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-06 21:10 - 2017-09-03 04:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-06 09:31 - 2017-09-03 04:20 - 000000000 ____D C:\Users\oem
2018-03-02 00:26 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2018-02-28 05:03 - 2017-09-01 16:53 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-28 04:40 - 2017-09-03 04:37 - 000095253 _____ C:\WINDOWS\diagwrn.xml
2018-02-28 04:40 - 2017-09-03 04:37 - 000095253 _____ C:\WINDOWS\diagerr.xml
2018-02-28 03:18 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-28 03:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2018-02-28 03:02 - 2017-09-30 16:02 - 000000000 ___HD C:\$WINDOWS.~BT
2018-02-28 01:57 - 2017-09-03 04:33 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-28 00:47 - 2017-07-01 13:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 00:47 - 2017-07-01 13:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-25 00:54 - 2017-08-03 07:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-23 23:43 - 2018-01-12 14:47 - 000000000 ____D C:\Program Files\rempl
2018-02-22 12:55 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-02-19 14:44 - 2017-06-01 01:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-19 14:38 - 2017-09-03 04:11 - 000392432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-19 14:35 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2018-02-19 14:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-02-19 14:34 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-19 14:33 - 2017-03-20 06:01 - 000000000 ____D C:\WINDOWS\HoloShell
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-19 14:33 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-19 14:33 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-18 23:15 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-18 23:06 - 2017-05-31 16:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-18 23:02 - 2017-10-10 21:26 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-18 23:02 - 2017-05-31 16:49 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-18 20:24 - 2017-09-03 04:33 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3399608290-4279254374-1781565460-1001
2018-02-18 20:24 - 2017-08-03 07:40 - 000002385 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-18 20:24 - 2017-06-01 01:07 - 000000000 ___RD C:\Users\oem\OneDrive
2018-02-13 09:55 - 2018-01-05 10:10 - 000006384 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2018-02-09 19:59 - 2017-05-31 16:52 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-02-06 14:17 - 2017-09-03 04:33 - 000004662 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-06 14:17 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 14:17 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-05 20:44 - 2018-01-22 10:09 - 000000000 ____D C:\Users\oem\Desktop\pozvánky Dago

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-04 09:52

==================== End of FRST.txt ============================

OK, díky za info. Mám tu starší verzi. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {0251b8c5-f8f5-11e7-b93c-0024216d289c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {30419bd9-989d-11e7-b924-0024216d289c} - "F:\HiSuiteDownLoader.exe"

EmptyTemp:
End

Uložte do C:\Users\oem\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

po fix se notebook zrestartoval, ale snad jsem našel ten správný log

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by oem (07-03-2018 16:09:20) Run:1
Running from C:\Users\oem\Downloads
Loaded Profiles: oem (Available Profiles: oem)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {0251b8c5-f8f5-11e7-b93c-0024216d289c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\...\MountPoints2: {30419bd9-989d-11e7-b924-0024216d289c} - "F:\HiSuiteDownLoader.exe"

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\" => removed successfully
"HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0251b8c5-f8f5-11e7-b93c-0024216d289c}" => removed successfully
HKLM\Software\Classes\CLSID\{0251b8c5-f8f5-11e7-b93c-0024216d289c} => not found
"HKU\S-1-5-21-3399608290-4279254374-1781565460-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30419bd9-989d-11e7-b924-0024216d289c}" => removed successfully
HKLM\Software\Classes\CLSID\{30419bd9-989d-11e7-b924-0024216d289c} => not found

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40557518 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 3112004 B
Edge => 1846128 B
Chrome => 174843641 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 7955870 B
NetworkService => 446130 B
oem => 237041123 B

RecycleBin => 71859511 B
EmptyTemp: => 518.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:11:46 ====

Smazáno. Nastala nějaká změna?

Změna je na té flešce. Před tím fixem už byly ze zástupců opět plnohodnotné soubory včetně skutečných velikostí, teď sice v průzkumníkovi vypadá, že je plná, ale není vidět ani jeden soubor. Fix jsem dělal s připojenou fleškou, nevím jestli to nebyla chyba....

No, to určitě byla chyba. Zkuste znovu tu akci s USBFix.

No jo, já nejsem v těchto věcech zběhlý vyzkouším a podám info. Jen se ještě vrátím k otázce, kterou sem pokládal na začátku - těch nakažených flešek je víc, jen já mám teď doma tři. Na odvšivení každé z nich bude stačit ten USBFix? Nebo bude potřeba celá ta procedura, jako teď?
Předem díky za odpověď a ochotu,
PV.

USBFix by měl stačit.

Tak ty flešky co mám doma fungují po USBFix, akorát se tam vytvořili dva soubory .cm0012 a .cmdb, můžu je smazat? Zítra bych měl mít ty zbývající, tak je poléčím stejně. Můžu sem pro jistotu potom dát ještě log z FRST?
Díky PV.