Request for a preventive check

Posted: 30 Aug 2018 10:46
by gold
The PC freezes occasionally:
Logfile of random's system information tool 1.10 (written by random/random)
Run by oldřich at 2018-08-30 11:42:00
Microsoft Windows 8.1
System drive C: has 879 GB (92%) free of 954 GB
Total RAM: 8191 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:06, on 30. 8. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Games\World_of_Tanks\WoTLauncher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\oldřich.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [DXTempFolder] rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\OLDICH~1\AppData\Local\Temp\DXA12B.tmp\"
O4 - HKCU\..\Run: [Driver Updater] "C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe" -minimized
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [movavi_videoconverter_agent] C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9188 bytes

======Listing Processes======





wininit.exe



winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskhostex.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
dashost.exe {0705b197-abb6-4c36-8e2fa9eb146b4c1d}
taskeng.exe {4FAD063F-3B92-4A2A-85A3-866F6F33BDCF}
"C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe" -boot
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe" -minimized
AvastUI.exe /nogui

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.0.916298910\524560951" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\oldřich\AppData\LocalLow\Mozilla\Temp-{dc55eec0-3d3c-45ef-858c-b73b449ae17c}" 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 1412 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.3.1015952773\1426709856" -childID 1 -isForBrowser -prefsHandle 1852 -prefsLen 8600 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 1944 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.13.48268176\127324889" -childID 2 -isForBrowser -prefsHandle 2392 -prefsLen 8600 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 2436 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.20.1132051208\1908409146" -childID 3 -isForBrowser -prefsHandle 3008 -prefsLen 11722 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 3060 tab
"C:\Program Files\Mozilla Firefox\plugin-container.exe" --channel="1848.27.230235948\21939944" "C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" 308046B0AF4A39CB 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 3576 plugin
"C:\Windows\System32\WWAHost.exe" -ServerName:Windows.Store
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe $(Arg0)
"C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" -o "C:\Users\oldřich\Desktop\ZOO.ods"
"C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" -o "C:\Users\oldřich\Desktop\ZOO.ods" -calc
"C:\Program Files (x86)\OpenOffice 4\program\scalc.exe" "-o" "C:\Users\oldřich\Desktop\ZOO.ods" "-calc" "-env:OOO_CWD=2C:\\Users\\oldřich\\Desktop"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\oldřich\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\oldřich\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\oldřich\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x130,0x134,0x138,0x12c,0x13c,0x70dd00b0,0x70dd00c0,0x70dd00cc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6160 --on-initialized-event-handle=496 --parent-handle=504 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=E01098B11781371EFA44A15E6D289D22 --mojo-platform-channel-handle=1216 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=D50D751649F0A57B6CC26A4C9EF937F2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=D50D751649F0A57B6CC26A4C9EF937F2 --renderer-client-id=7 --mojo-platform-channel-handle=2228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=5B2665BF3A26A76DC9C4270496EAE0FB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=5B2665BF3A26A76DC9C4270496EAE0FB --renderer-client-id=4 --mojo-platform-channel-handle=3284 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=C0D7776BF6A15D40A1121E4BB62B0EFE --mojo-platform-channel-handle=5364 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=038F649F3BE5D80CFC3F2A70861F92AE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=038F649F3BE5D80CFC3F2A70861F92AE --renderer-client-id=311 --mojo-platform-channel-handle=11580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=5946B2784B1B80F6BFD87B80973F45D2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=5946B2784B1B80F6BFD87B80973F45D2 --renderer-client-id=968 --mojo-platform-channel-handle=8668 /prefetch:1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --reporter-url=https://rink.hockeyapp.net/api/2/apps/a ... hes/upload --application-name=skype-preview "--crashes-directory=C:\Users\OLDICH~1\AppData\Local\Temp\skype-preview Crashes" --v=1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --no-sandbox --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,22,23,24,27,32,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x665c --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.251.9001.1001 --gpu-driver-date=7-4-2014 --service-request-channel-token=8CEB9A541430C88034D84E9719D2EEC2 --mojo-platform-channel-handle=1432 /prefetch:2
-protocol 1 -command sync -caller_pid 5776 -upgraded

"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --ms-disable-indexeddb-transaction-timeout --no-sandbox --service-pipe-token=E0081A2CA191CC0863B348F10C24F4EB --lang=cs --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --node-integration=false --webview-tag=true --no-sandbox --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\Preload.js" --context-id=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=E0081A2CA191CC0863B348F10C24F4EB --renderer-client-id=22 --mojo-platform-channel-handle=3572 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=E9D80C5421041BA92661B20965299121 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=E9D80C5421041BA92661B20965299121 --renderer-client-id=2503 --mojo-platform-channel-handle=3044 /prefetch:1
"C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=1A1CB73A090713E951588C989CC2A4CB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=1A1CB73A090713E951588C989CC2A4CB --renderer-client-id=3540 --mojo-platform-channel-handle=3688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=A9A48B9AFD4251DC1F139059F271F0B2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=A9A48B9AFD4251DC1F139059F271F0B2 --renderer-client-id=3639 --mojo-platform-channel-handle=8080 /prefetch:1
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.64.2062201635\1227601612" -childID 8 -isForBrowser -prefsHandle 6864 -prefsLen 12269 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 5248 tab
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=AD9C38C6F783571D399BDB9169B62C36 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=AD9C38C6F783571D399BDB9169B62C36 --renderer-client-id=3678 --mojo-platform-channel-handle=3364 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=611B72AC745B834BA8BF33E7B32488C2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=611B72AC745B834BA8BF33E7B32488C2 --renderer-client-id=3690 --mojo-platform-channel-handle=14456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=EC351B9C6DFD94D723ED504BC3B44CC0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=EC351B9C6DFD94D723ED504BC3B44CC0 --renderer-client-id=4268 --mojo-platform-channel-handle=2576 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=3F5638E4436DC2053AFE59E1E94D9FA0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=3F5638E4436DC2053AFE59E1E94D9FA0 --renderer-client-id=4269 --mojo-platform-channel-handle=3768 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=003301653CCB37EAA940660BBDCADCA8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=003301653CCB37EAA940660BBDCADCA8 --renderer-client-id=4270 --mojo-platform-channel-handle=2840 /prefetch:1
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f7d8551f-e4d2-4e63-96f2-e9cbd8187b41 -SystemEventPortName:HostProcess-bd61c1e8-37de-428b-bdd6-86e3fcbf327a -IoCancelEventPortName:HostProcess-848848bd-916e-45ef-8f64-0d0df40c9d92 -NonStateChangingEventPortName:HostProcess-c1f9dd84-b46b-4a58-99b4-2eaa3ba5da74 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2abec7b6-4379-4752-af02-af4093bdff1e -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=4A53E2B2508D92BAE023CB2CB62D842A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=4A53E2B2508D92BAE023CB2CB62D842A --renderer-client-id=4329 --mojo-platform-channel-handle=8424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=9BCE2959D730307AA2487DF480B8711D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=9BCE2959D730307AA2487DF480B8711D --renderer-client-id=4330 --mojo-platform-channel-handle=11560 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=3FE2708BC475A5B93E70B5CBCCE66C6A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=3FE2708BC475A5B93E70B5CBCCE66C6A --renderer-client-id=4331 --mojo-platform-channel-handle=10556 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=C787C6561DEA518B193FFB3F8DEB6470 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=C787C6561DEA518B193FFB3F8DEB6470 --renderer-client-id=4402 --mojo-platform-channel-handle=11868 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=BFE721F7D9C9790D1D8C269AB8C297C1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=BFE721F7D9C9790D1D8C269AB8C297C1 --renderer-client-id=4403 --mojo-platform-channel-handle=5112 /prefetch:1
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-25766dba-cc81-4fde-a3ee-6e86fd5e9636 -SystemEventPortName:HostProcess-194d6136-e8d1-4d0f-9977-88468b37edbd -IoCancelEventPortName:HostProcess-e218cf08-8e2b-4d13-872a-5d9067a37163 -NonStateChangingEventPortName:HostProcess-859b2917-8901-4c53-876b-8ef24ee6c98e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18309754-1c30-4fb8-a3e1-60cec081aa29 -DeviceGroupId:WpdFsGroup

C:\Windows\splwow64.exe 8192
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="1848.71.1203679348\818406881" -childID 9 -isForBrowser -prefsHandle 3240 -prefsLen 12270 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 1848 "\\.\pipe\gecko-crash-server-pipe.1848" 6872 tab
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=6958D02A38D8F2CBF1F769415B9071E9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=6958D02A38D8F2CBF1F769415B9071E9 --renderer-client-id=4732 --mojo-platform-channel-handle=17980 /prefetch:1
taskhost.exe
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=E5D944074B742358FAF434C75B9EBB0C --lang=en-US --lang=en-US --log-file="C:\Users\oldřich\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.3.2987.1601 Safari/537.36 Avastium (18.6.2349)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=E5D944074B742358FAF434C75B9EBB0C --renderer-client-id=20 --mojo-platform-channel-handle=7380 /prefetch:1
"C:\Games\World_of_Tanks\WoTLauncher.exe"
taskeng.exe {A67AD394-EA9B-4C82-B6CC-4C2D8431AB54}
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=62C06CF9F400F6E7114B610A29858066 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=62C06CF9F400F6E7114B610A29858066 --renderer-client-id=4754 --mojo-platform-channel-handle=3580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=C6552C6440A3E0D4ED31C4D33914CAB3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=C6552C6440A3E0D4ED31C4D33914CAB3 --renderer-client-id=4755 --mojo-platform-channel-handle=13600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=863B9E0835A5DA8FDC72BE0BA14CD568 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=863B9E0835A5DA8FDC72BE0BA14CD568 --renderer-client-id=4756 --mojo-platform-channel-handle=10508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=070566535E775E112441EBA99FE58F73 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=070566535E775E112441EBA99FE58F73 --renderer-client-id=4757 --mojo-platform-channel-handle=7396 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=00074252F1B1DCDC7A683C1BEA4ACBC3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=00074252F1B1DCDC7A683C1BEA4ACBC3 --renderer-client-id=4758 --mojo-platform-channel-handle=19424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=EAAEE1262A88E984D3335C9E79EDBC00 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=EAAEE1262A88E984D3335C9E79EDBC00 --renderer-client-id=4762 --mojo-platform-channel-handle=6552 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=EB290EF5FC7530EAE82A9CFE4471F0A3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=EB290EF5FC7530EAE82A9CFE4471F0A3 --renderer-client-id=4764 --mojo-platform-channel-handle=19004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=93276DB3F4197B595B260677EB7F0B16 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=93276DB3F4197B595B260677EB7F0B16 --renderer-client-id=4772 --mojo-platform-channel-handle=15676 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1208,6641036376897912916,11608116002266200170,131072 --service-pipe-token=F4056B47D5915CBDCAC428C48C589915 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=3 --enable-main-frame-before-activation --service-request-channel-token=F4056B47D5915CBDCAC428C48C589915 --renderer-client-id=4774 --mojo-platform-channel-handle=15996 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe130_ Global\UsGthrCtrlFltPipeMssGthrPipe130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\oldřich\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Avast Driver Updater Startup.job - C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe# -boot#

=========Mozilla firefox=========

ProfilePath - C:\Users\oldřich\AppData\Roaming\Mozilla\Firefox\Profiles\g86mik7h.default

prefs.js - "browser.startup.homepage" - "http://cz2.herozerogame.com/|https://s1 ... in/client/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-08-22 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-08-22 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-08-22 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-08-22 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-08-22 242392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Driver Updater"=C:\Program Files (x86)\Carambis\Driver Updater\dupdater.exe [2018-07-23 5837472]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-08 49762136]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2018-06-25 3139936]
"movavi_videoconverter_agent"=C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe [2018-08-28 684040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"DXTempFolder"=C:\Windows\system32\advpack.dll [2014-11-21 142848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-30 11:42:00 ----D---- C:\rsit
2018-08-30 11:42:00 ----D---- C:\Program Files\trend micro
2018-08-30 11:28:52 ----D---- C:\totalcmd
2018-08-30 10:47:07 ----A---- C:\Windows\UC.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\RAR.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\PKZIP.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\PKUNZIP.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\NOCLOSE.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\LHA.PIF
2018-08-30 10:47:07 ----A---- C:\Windows\ARJ.PIF
2018-08-28 21:06:26 ----D---- C:\ProgramData\free-videoconverter
2018-08-28 21:06:26 ----D---- C:\Program Files (x86)\free-videoconverter
2018-08-28 21:02:28 ----D---- C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium
2018-08-27 23:26:42 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2018-08-27 23:26:41 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2018-08-27 23:26:41 ----A---- C:\Windows\system32\d3dx9_25.dll
2018-08-27 23:26:40 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2018-08-27 23:26:40 ----A---- C:\Windows\system32\d3dx9_24.dll
2018-08-27 23:24:58 ----HD---- C:\Windows\msdownld.tmp
2018-08-27 23:24:58 ----D---- C:\Windows\SYSWOW64\directx
2018-08-27 23:24:55 ----D---- C:\Games
2018-08-25 12:33:27 ----D---- C:\Users\oldřich\AppData\Roaming\OpenOffice
2018-08-25 12:31:39 ----D---- C:\Users\oldřich\AppData\Roaming\IrfanView
2018-08-25 12:31:39 ----D---- C:\Program Files\IrfanView
2018-08-25 12:29:01 ----D---- C:\Program Files (x86)\OpenOffice 4
2018-08-24 21:32:44 ----D---- C:\Users\oldřich\AppData\Roaming\GHISLER
2018-08-24 13:32:53 ----D---- C:\Users\oldřich\AppData\Roaming\Skype
2018-08-24 13:32:43 ----D---- C:\Program Files (x86)\Microsoft
2018-08-23 17:42:02 ----A---- C:\Windows\system32\sppsvc.exe
2018-08-23 17:42:00 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2018-08-23 17:41:59 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2018-08-23 17:41:47 ----A---- C:\Windows\system32\sppobjs.dll
2018-08-23 17:41:44 ----A---- C:\Windows\system32\CertEnroll.dll
2018-08-23 17:41:43 ----A---- C:\Windows\system32\sppwinob.dll
2018-08-23 17:41:42 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2018-08-23 17:41:41 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2018-08-23 17:41:41 ----A---- C:\Windows\system32\drivers\mup.sys
2018-08-23 17:41:40 ----A---- C:\Windows\system32\webio.dll
2018-08-23 17:41:40 ----A---- C:\Windows\system32\iphlpsvc.dll
2018-08-23 17:41:39 ----A---- C:\Windows\SYSWOW64\webio.dll
2018-08-23 17:41:39 ----A---- C:\Windows\system32\Windows.Devices.Geolocation.dll
2018-08-23 17:41:39 ----A---- C:\Windows\system32\rdpcore.dll
2018-08-23 17:41:36 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2018-08-23 17:41:36 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2018-08-23 17:41:34 ----A---- C:\Windows\SYSWOW64\Windows.Devices.Geolocation.dll
2018-08-23 17:41:34 ----A---- C:\Windows\system32\LocationApi.dll
2018-08-23 17:41:34 ----A---- C:\Windows\system32\gpresult.exe
2018-08-23 17:41:31 ----A---- C:\Windows\system32\fveapi.dll
2018-08-23 17:41:30 ----A---- C:\Windows\SYSWOW64\cryptxml.dll
2018-08-23 17:41:30 ----A---- C:\Windows\system32\cryptxml.dll
2018-08-23 17:41:29 ----A---- C:\Windows\SYSWOW64\LocationApi.dll
2018-08-23 17:41:28 ----A---- C:\Windows\SYSWOW64\UserAccountBroker.exe
2018-08-23 17:41:28 ----A---- C:\Windows\system32\WebClnt.dll
2018-08-23 17:41:28 ----A---- C:\Windows\system32\UserAccountBroker.exe
2018-08-23 17:41:27 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2018-08-23 17:41:27 ----A---- C:\Windows\system32\hbaapi.dll
2018-08-23 17:41:27 ----A---- C:\Windows\system32\BdeHdCfgLib.dll
2018-08-23 17:41:26 ----A---- C:\Windows\system32\bdesvc.dll
2018-08-23 17:41:19 ----A---- C:\Windows\SYSWOW64\hbaapi.dll
2018-08-23 17:41:19 ----A---- C:\Windows\SYSWOW64\gpresult.exe
2018-08-23 17:41:18 ----A---- C:\Windows\system32\httpprxm.dll
2018-08-23 17:41:18 ----A---- C:\Windows\system32\fvecpl.dll
2018-08-23 17:41:17 ----A---- C:\Windows\system32\httpprxp.dll
2018-08-23 17:41:17 ----A---- C:\Windows\system32\adhsvc.dll
2018-08-23 17:27:57 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-08-23 17:22:47 ----D---- C:\Windows\system32\appraiser
2018-08-23 17:22:47 ----D---- C:\Windows\Migration
2018-08-23 17:10:32 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-08-23 17:10:32 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-08-23 15:51:27 ----D---- C:\Windows\system32\MRT
2018-08-23 15:51:21 ----AC---- C:\Windows\system32\MRT.exe
2018-08-23 14:44:24 ----A---- C:\Windows\SYSWOW64\polstore.dll
2018-08-23 14:44:24 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2018-08-23 14:44:24 ----A---- C:\Windows\system32\polstore.dll
2018-08-23 14:44:24 ----A---- C:\Windows\system32\IPSECSVC.DLL
2018-08-23 14:44:24 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2018-08-23 14:44:22 ----A---- C:\Windows\system32\WiFiDisplay.dll
2018-08-23 14:44:21 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2018-08-23 14:44:21 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2018-08-23 14:44:21 ----A---- C:\Windows\SYSWOW64\cfgbkend.dll
2018-08-23 14:44:21 ----A---- C:\Windows\system32\EncDec.dll
2018-08-23 14:44:21 ----A---- C:\Windows\system32\CPFilters.dll
2018-08-23 14:44:21 ----A---- C:\Windows\system32\cfgbkend.dll
2018-08-23 14:44:19 ----A---- C:\Windows\SYSWOW64\calc.exe
2018-08-23 14:44:19 ----A---- C:\Windows\system32\calc.exe
2018-08-23 14:32:36 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2018-08-23 14:32:36 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2018-08-23 14:32:20 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2018-08-23 14:32:20 ----A---- C:\Windows\system32\SHCore.dll
2018-08-23 14:32:14 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2018-08-23 14:32:14 ----A---- C:\Windows\system32\sdbinst.exe
2018-08-23 14:32:14 ----A---- C:\Windows\system32\drivers\rasl2tp.sys
2018-08-23 14:32:14 ----A---- C:\Windows\system32\drivers\bthhfenum.sys
2018-08-23 14:32:14 ----A---- C:\Windows\system32\apphelp.dll
2018-08-23 14:32:13 ----A---- C:\Windows\SYSWOW64\qedit.dll
2018-08-23 14:32:13 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2018-08-23 14:32:13 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2018-08-23 14:32:13 ----A---- C:\Windows\system32\qedit.dll
2018-08-23 14:32:13 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2018-08-23 14:32:12 ----A---- C:\Windows\system32\drivers\tunnel.sys
2018-08-23 14:32:12 ----A---- C:\Windows\system32\d2d1.dll
2018-08-23 14:32:06 ----A---- C:\Windows\system32\drivers\tpm.sys
2018-08-23 14:32:06 ----A---- C:\Windows\system32\drivers\rmcast.sys
2018-08-23 14:32:05 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2018-08-23 14:32:05 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2018-08-23 14:32:05 ----A---- C:\Windows\system32\WerFaultSecure.exe
2018-08-23 14:32:05 ----A---- C:\Windows\system32\VSSVC.exe
2018-08-23 14:32:05 ----A---- C:\Windows\system32\Faultrep.dll
2018-08-23 14:32:05 ----A---- C:\Windows\system32\EncDump.dll
2018-08-23 14:32:05 ----A---- C:\Windows\system32\AuthHost.exe
2018-08-23 14:32:05 ----A---- C:\Windows\system32\audiosrv.dll
2018-08-23 14:32:05 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2018-08-23 14:32:04 ----A---- C:\Windows\SYSWOW64\Windows.UI.dll
2018-08-23 14:32:04 ----A---- C:\Windows\system32\Windows.UI.dll
2018-08-23 14:32:02 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2018-08-23 14:32:02 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2018-08-23 14:32:02 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2018-08-23 14:32:02 ----A---- C:\Windows\system32\WMVDECOD.DLL
2018-08-23 14:32:02 ----A---- C:\Windows\system32\WMADMOD.DLL
2018-08-23 14:32:02 ----A---- C:\Windows\system32\msmpeg2adec.dll
2018-08-23 14:32:02 ----A---- C:\Windows\system32\mfnetsrc.dll
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2018-08-23 14:32:01 ----A---- C:\Windows\SYSWOW64\evr.dll
2018-08-23 14:32:01 ----A---- C:\Windows\system32\WMVSDECD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\system32\WMVENCOD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2018-08-23 14:32:01 ----A---- C:\Windows\system32\mfnetcore.dll
2018-08-23 14:32:01 ----A---- C:\Windows\system32\evr.dll
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\devenum.dll
2018-08-23 14:32:00 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\WMVXENCD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\WMVSENCD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2018-08-23 14:32:00 ----A---- C:\Windows\system32\WMADMOE.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\VIDRESZR.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\SysFxUI.dll
2018-08-23 14:32:00 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\qdvd.dll
2018-08-23 14:32:00 ----A---- C:\Windows\system32\MPG4DECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\MP4SDECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\MP43DECD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\MP3DMOD.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2018-08-23 14:32:00 ----A---- C:\Windows\system32\mfvdsp.dll
2018-08-23 14:32:00 ----A---- C:\Windows\system32\devenum.dll
2018-08-23 14:32:00 ----A---- C:\Windows\system32\COLORCNV.DLL
2018-08-23 14:31:58 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2018-08-23 14:31:58 ----A---- C:\Windows\system32\photowiz.dll
2018-08-23 14:31:42 ----A---- C:\Windows\system32\drivers\ahcache.sys
2018-08-23 14:28:58 ----A---- C:\Windows\SYSWOW64\tdh.dll
2018-08-23 14:28:58 ----A---- C:\Windows\system32\tdh.dll
2018-08-23 14:26:54 ----A---- C:\Windows\SYSWOW64\sechost.dll
2018-08-23 14:26:54 ----A---- C:\Windows\system32\sechost.dll
2018-08-23 14:26:53 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2018-08-23 14:26:53 ----A---- C:\Windows\system32\tracerpt.exe
2018-08-23 14:26:29 ----A---- C:\Windows\system32\SystemSettingsDatabase.dll
2018-08-23 14:21:11 ----A---- C:\Windows\system32\drivers\vpci.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\sermouse.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\mouhid.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\mouclass.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2018-08-23 14:21:09 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2018-08-23 14:20:50 ----A---- C:\Windows\SYSWOW64\Windows.UI.Input.Inking.dll
2018-08-23 14:20:50 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2018-08-23 14:20:49 ----A---- C:\Windows\system32\workfolderssvc.dll
2018-08-23 14:20:49 ----A---- C:\Windows\system32\WorkfoldersControl.dll
2018-08-23 14:20:46 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2018-08-23 14:20:46 ----A---- C:\Windows\system32\InkEd.dll
2018-08-23 14:20:44 ----A---- C:\Windows\SYSWOW64\SRH.dll
2018-08-23 14:20:44 ----A---- C:\Windows\system32\SRH.dll
2018-08-23 14:20:43 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2018-08-23 14:20:43 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2018-08-23 14:20:43 ----A---- C:\Windows\system32\dbghelp.dll
2018-08-23 14:20:43 ----A---- C:\Windows\system32\dbgeng.dll
2018-08-23 14:20:40 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2018-08-23 14:20:40 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2018-08-23 14:20:39 ----A---- C:\Windows\system32\wscsvc.dll
2018-08-23 14:20:39 ----A---- C:\Windows\system32\wscapi.dll
2018-08-23 14:20:38 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2018-08-23 14:20:38 ----A---- C:\Windows\SYSWOW64\themecpl.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\stobject.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\SettingSyncHost.exe
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\SettingSyncCore.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\SettingSync.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\SettingMonitor.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\hgcpl.dll
2018-08-23 14:20:37 ----A---- C:\Windows\SYSWOW64\AppxAllUserStore.dll
2018-08-23 14:20:34 ----A---- C:\Windows\system32\usercpl.dll
2018-08-23 14:20:34 ----A---- C:\Windows\system32\themecpl.dll
2018-08-23 14:20:34 ----A---- C:\Windows\system32\stobject.dll
2018-08-23 14:20:33 ----A---- C:\Windows\system32\SettingSyncHost.exe
2018-08-23 14:20:33 ----A---- C:\Windows\system32\SettingSyncCore.dll
2018-08-23 14:20:33 ----A---- C:\Windows\system32\SettingSync.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\SystemSettingsAdminFlows.exe
2018-08-23 14:20:32 ----A---- C:\Windows\system32\SettingsHandlers.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\SettingMonitor.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\hgcpl.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2018-08-23 14:20:32 ----A---- C:\Windows\system32\AppxAllUserStore.dll
2018-08-23 14:20:29 ----A---- C:\Windows\system32\drivers\hidbth.sys
2018-08-23 14:19:41 ----A---- C:\Windows\SYSWOW64\rsaenh.dll
2018-08-23 14:19:40 ----A---- C:\Windows\system32\rsaenh.dll
2018-08-23 14:19:37 ----A---- C:\Windows\system32\drivers\udfs.sys
2018-08-23 14:19:35 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2018-08-23 14:19:34 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2018-08-23 14:19:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2018-08-23 14:19:31 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2018-08-23 14:19:31 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2018-08-23 14:19:23 ----A---- C:\Windows\system32\mtxoci.dll
2018-08-23 14:18:51 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-08-23 14:13:50 ----A---- C:\Windows\system32\storewuauth.dll
2018-08-23 14:13:08 ----A---- C:\Windows\SYSWOW64\explorer.exe
2018-08-23 14:13:07 ----A---- C:\Windows\explorer.exe
2018-08-23 14:13:03 ----A---- C:\Windows\SYSWOW64\RestoreOptIn.exe
2018-08-23 14:13:03 ----A---- C:\Windows\system32\RestoreOptIn.exe
2018-08-23 14:12:59 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2018-08-23 14:12:59 ----A---- C:\Windows\system32\TsWpfWrp.exe
2018-08-23 14:12:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2018-08-23 14:12:43 ----A---- C:\Windows\system32\davclnt.dll
2018-08-23 14:12:29 ----A---- C:\Windows\system32\dssenh.dll
2018-08-23 14:12:28 ----A---- C:\Windows\SYSWOW64\dssenh.dll
2018-08-23 14:12:27 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2018-08-23 14:12:27 ----A---- C:\Windows\system32\ws2_32.dll
2018-08-23 14:12:27 ----A---- C:\Windows\system32\netcfgx.dll
2018-08-23 14:12:26 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2018-08-23 14:12:26 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2018-08-23 14:12:26 ----A---- C:\Windows\system32\mswsock.dll
2018-08-23 14:12:24 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2018-08-23 14:12:23 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-23 14:12:22 ----A---- C:\Windows\system32\NcdAutoSetup.dll
2018-08-23 14:12:21 ----A---- C:\Windows\SYSWOW64\WinSync.dll
2018-08-23 14:12:21 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2018-08-23 14:12:21 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2018-08-23 14:12:21 ----A---- C:\Windows\system32\WinSync.dll
2018-08-23 14:12:21 ----A---- C:\Windows\system32\taskeng.exe
2018-08-23 14:12:21 ----A---- C:\Windows\system32\schtasks.exe
2018-08-23 14:12:14 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2018-08-23 14:12:14 ----A---- C:\Windows\SYSWOW64\PCPKsp.dll
2018-08-23 14:12:14 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2018-08-23 14:12:14 ----A---- C:\Windows\system32\WMPhoto.dll
2018-08-23 14:12:14 ----A---- C:\Windows\system32\seclogon.dll
2018-08-23 14:12:14 ----A---- C:\Windows\system32\PCPKsp.dll
2018-08-23 14:12:14 ----A---- C:\Windows\system32\clfsw32.dll
2018-08-23 14:12:11 ----A---- C:\Windows\SYSWOW64\shacct.dll
2018-08-23 14:12:11 ----A---- C:\Windows\SYSWOW64\notepad.exe
2018-08-23 14:12:11 ----A---- C:\Windows\system32\shacct.dll
2018-08-23 14:12:11 ----A---- C:\Windows\system32\notepad.exe
2018-08-23 14:12:11 ----A---- C:\Windows\notepad.exe
2018-08-23 14:12:10 ----A---- C:\Windows\SYSWOW64\dsparse.dll
2018-08-23 14:12:10 ----A---- C:\Windows\system32\fhcpl.dll
2018-08-23 14:12:10 ----A---- C:\Windows\system32\dsparse.dll
2018-08-23 14:12:09 ----A---- C:\Windows\system32\drivers\sdbus.sys
2018-08-23 14:12:09 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2018-08-23 14:12:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-08-23 14:12:08 ----A---- C:\Windows\system32\sspicli.dll
2018-08-23 14:12:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-23 14:12:06 ----A---- C:\Windows\system32\drivers\winusb.sys
2018-08-23 14:12:06 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2018-08-23 14:12:05 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2018-08-23 14:12:05 ----A---- C:\Windows\SYSWOW64\dhcpsapi.dll
2018-08-23 14:12:05 ----A---- C:\Windows\system32\UIAutomationCore.dll
2018-08-23 14:12:05 ----A---- C:\Windows\system32\lsm.dll
2018-08-23 14:12:05 ----A---- C:\Windows\system32\dhcpsapi.dll
2018-08-23 14:12:04 ----A---- C:\Windows\system32\services.exe
2018-08-23 14:12:04 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-08-23 14:12:04 ----A---- C:\Windows\system32\drivers\usb8023.sys
2018-08-23 14:12:03 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2018-08-23 14:12:03 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-08-23 14:12:03 ----A---- C:\Windows\system32\WSShared.dll
2018-08-23 14:12:03 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-08-23 14:12:00 ----A---- C:\Windows\system32\basesrv.dll
2018-08-23 14:11:59 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2018-08-23 14:11:59 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2018-08-23 14:11:58 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2018-08-23 14:11:58 ----A---- C:\Windows\SYSWOW64\WMASF.DLL
2018-08-23 14:11:58 ----A---- C:\Windows\system32\wpdshext.dll
2018-08-23 14:11:58 ----A---- C:\Windows\system32\WMASF.DLL
2018-08-23 14:11:57 ----A---- C:\Windows\system32\profsvc.dll
2018-08-23 14:11:55 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2018-08-23 14:11:55 ----A---- C:\Windows\system32\comctl32.dll
2018-08-23 14:11:54 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2018-08-23 14:11:53 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2018-08-23 14:11:53 ----A---- C:\Windows\system32\poqexec.exe
2018-08-23 14:11:49 ----A---- C:\Windows\SYSWOW64\mfds.dll
2018-08-23 14:11:49 ----A---- C:\Windows\system32\mfds.dll
2018-08-23 14:11:49 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2018-08-23 14:11:48 ----A---- C:\Windows\system32\tzsync.exe
2018-08-23 14:11:43 ----A---- C:\Windows\SYSWOW64\StorageContextHandler.dll
2018-08-23 14:11:43 ----A---- C:\Windows\system32\wwanmm.dll
2018-08-23 14:11:43 ----A---- C:\Windows\system32\wwanconn.dll
2018-08-23 14:11:43 ----A---- C:\Windows\system32\StorageContextHandler.dll
2018-08-23 14:11:43 ----A---- C:\Windows\system32\pnidui.dll
2018-08-23 14:11:43 ----A---- C:\Windows\system32\drivers\volsnap.sys
2018-08-23 14:11:37 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2018-08-23 14:11:37 ----A---- C:\Windows\system32\MrmCoreR.dll
2018-08-23 14:11:36 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2018-08-23 14:11:36 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2018-08-23 14:11:36 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2018-08-23 14:11:36 ----A---- C:\Windows\SYSWOW64\atlthunk.dll
2018-08-23 14:11:36 ----A---- C:\Windows\system32\pku2u.dll
2018-08-23 14:11:36 ----A---- C:\Windows\system32\mfc42u.dll
2018-08-23 14:11:36 ----A---- C:\Windows\system32\mfc42.dll
2018-08-23 14:11:35 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2018-08-23 14:11:35 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2018-08-23 14:11:35 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2018-08-23 14:11:35 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\invagent.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\eapphost.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\eappgnui.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\eappcfg.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\eapp3hst.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\centel.dll
2018-08-23 14:11:35 ----A---- C:\Windows\system32\aitstatic.exe
2018-08-23 14:11:34 ----A---- C:\Windows\system32\LockScreenContentServer.exe
2018-08-23 14:11:34 ----A---- C:\Windows\system32\generaltel.dll
2018-08-23 14:11:34 ----A---- C:\Windows\system32\devinv.dll
2018-08-23 14:11:34 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-08-23 14:11:34 ----A---- C:\Windows\system32\appraiser.dll
2018-08-23 14:11:34 ----A---- C:\Windows\system32\aepic.dll
2018-08-23 14:11:34 ----A---- C:\Windows\system32\aeinv.dll
2018-08-23 14:11:34 ----A---- C:\Windows\system32\acmigration.dll
2018-08-23 14:11:01 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2018-08-23 14:11:01 ----A---- C:\Windows\system32\UtcResources.dll
2018-08-23 14:11:01 ----A---- C:\Windows\system32\t2embed.dll
2018-08-23 14:11:01 ----A---- C:\Windows\system32\fontsub.dll
2018-08-23 14:11:01 ----A---- C:\Windows\system32\certprop.dll
2018-08-23 14:11:00 ----A---- C:\Windows\SYSWOW64\wincorlib.dll
2018-08-23 14:11:00 ----A---- C:\Windows\SYSWOW64\glcndFilter.dll
2018-08-23 14:11:00 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-08-23 14:11:00 ----A---- C:\Windows\SYSWOW64\DafPrintProvider.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\ScDeviceEnum.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\GlobCollationHost.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\glcndFilter.dll
2018-08-23 14:11:00 ----A---- C:\Windows\system32\diagtrack.dll
2018-08-23 14:10:59 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2018-08-23 14:10:59 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-08-23 14:10:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-08-23 14:10:58 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-08-23 14:10:58 ----A---- C:\Windows\system32\wow64cpu.dll
2018-08-23 14:10:58 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-23 14:10:58 ----A---- C:\Windows\system32\drivers\cmimcext.sys
2018-08-23 14:10:57 ----A---- C:\Windows\SYSWOW64\user32.dll
2018-08-23 14:10:57 ----A---- C:\Windows\SYSWOW64\rastls.dll
2018-08-23 14:10:57 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-08-23 14:10:57 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-08-23 14:10:57 ----A---- C:\Windows\system32\urlmon.dll
2018-08-23 14:10:57 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\tquery.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-08-23 14:10:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-08-23 14:10:56 ----A---- C:\Windows\system32\wow64.dll
2018-08-23 14:10:56 ----A---- C:\Windows\system32\vbscript.dll
2018-08-23 14:10:56 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2018-08-23 14:10:56 ----A---- C:\Windows\system32\drivers\scfilter.sys
2018-08-23 14:10:56 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2018-08-23 14:10:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-23 14:10:56 ----A---- C:\Windows\system32\actxprxy.dll
2018-08-23 14:10:55 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-08-23 14:10:55 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-23 14:10:54 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-08-23 14:10:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-08-23 14:10:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-08-23 14:10:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-08-23 14:10:54 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2018-08-23 14:10:54 ----A---- C:\Windows\system32\user32.dll
2018-08-23 14:10:54 ----A---- C:\Windows\system32\rastls.dll
2018-08-23 14:10:54 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll
2018-08-23 14:10:54 ----A---- C:\Windows\system32\iertutil.dll
2018-08-23 14:10:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-08-23 14:10:54 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2018-08-23 14:10:53 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\wuaext.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\winhttp.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\msiexec.exe
2018-08-23 14:10:53 ----A---- C:\Windows\system32\gdi32.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\FntCache.dll
2018-08-23 14:10:53 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2018-08-23 14:10:53 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-08-23 14:10:52 ----A---- C:\Windows\system32\ntdll.dll
2018-08-23 14:10:52 ----A---- C:\Windows\system32\drivers\refs.sys
2018-08-23 14:10:52 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-08-23 14:10:52 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-23 14:10:52 ----A---- C:\Windows\system32\DafPrintProvider.dll
2018-08-23 14:10:52 ----A---- C:\Windows\system32\atmfd.dll
2018-08-23 14:10:51 ----A---- C:\Windows\system32\tquery.dll
2018-08-23 14:10:51 ----A---- C:\Windows\system32\jscript.dll
2018-08-23 14:10:51 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-23 14:10:51 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-08-23 14:10:51 ----A---- C:\Windows\system32\drivers\spaceport.sys
2018-08-23 14:10:51 ----A---- C:\Windows\system32\drivers\pdc.sys
2018-08-23 14:10:50 ----A---- C:\Windows\system32\webcheck.dll
2018-08-23 14:10:50 ----A---- C:\Windows\system32\jscript9.dll
2018-08-23 14:10:50 ----A---- C:\Windows\system32\ieframe.dll
2018-08-23 14:10:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-23 14:10:49 ----A---- C:\Windows\system32\ieui.dll
2018-08-23 14:10:48 ----A---- C:\Windows\system32\win32k.sys
2018-08-23 14:10:48 ----A---- C:\Windows\system32\msftedit.dll
2018-08-23 14:10:48 ----A---- C:\Windows\system32\DWrite.dll
2018-08-23 14:10:48 ----A---- C:\Windows\system32\dwmcore.dll
2018-08-23 14:10:48 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-08-23 14:10:47 ----A---- C:\Windows\system32\wuaueng.dll
2018-08-23 14:10:47 ----A---- C:\Windows\system32\wininet.dll
2018-08-23 14:10:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2018-08-23 14:10:47 ----A---- C:\Windows\system32\msxml6.dll
2018-08-23 14:10:47 ----A---- C:\Windows\system32\msxml3.dll
2018-08-23 14:10:47 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-08-23 14:10:46 ----A---- C:\Windows\system32\Wldap32.dll
2018-08-23 14:10:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-23 14:10:46 ----A---- C:\Windows\system32\msi.dll
2018-08-23 14:10:46 ----A---- C:\Windows\system32\kerberos.dll
2018-08-23 14:10:46 ----A---- C:\Windows\system32\drivers\http.sys
2018-08-23 14:10:46 ----A---- C:\Windows\system32\dnsapi.dll
2018-08-23 14:10:45 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2018-08-23 14:10:45 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2018-08-23 14:10:45 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-08-23 14:10:45 ----A---- C:\Windows\system32\mshtml.dll
2018-08-23 14:10:45 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-23 14:10:45 ----A---- C:\Windows\system32\drivers\afd.sys
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\wfdprov.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\rasman.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\quartz.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\mssph.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\iscsiwmi.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\IPHLPAPI.DLL
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-08-23 14:10:44 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\wudriver.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\WsmWmiPl.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\WsmAuto.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-08-23 14:10:44 ----A---- C:\Windows\system32\nshwfp.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\icfupgd.dll
2018-08-23 14:10:44 ----A---- C:\Windows\system32\drivers\rdbss.sys
2018-08-23 14:10:44 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\rasppp.dll
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\combase.dll
2018-08-23 14:10:43 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\wuwebv.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\WsmSvc.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\ucrtbase.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\rpcss.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\iscsiwmi.dll
2018-08-23 14:10:43 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-23 14:10:43 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-23 14:10:42 ----A---- C:\Windows\SYSWOW64\sscore.dll
2018-08-23 14:10:42 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2018-08-23 14:10:42 ----A---- C:\Windows\system32\wevtsvc.dll
2018-08-23 14:10:42 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2018-08-23 14:10:42 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-08-23 14:10:42 ----A---- C:\Windows\system32\drivers\agilevpn.sys
2018-08-23 14:10:41 ----A---- C:\Windows\SYSWOW64\wer.dll
2018-08-23 14:10:41 ----A---- C:\Windows\SYSWOW64\storagewmi.dll
2018-08-23 14:10:41 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2018-08-23 14:10:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-08-23 14:10:41 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\smbwmiv2.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-08-23 14:10:41 ----A---- C:\Windows\system32\quartz.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\mssphtb.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\mssph.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\gpsvc.dll
2018-08-23 14:10:41 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\twinui.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\msctf.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-08-23 14:10:40 ----A---- C:\Windows\SYSWOW64\compstui.dll
2018-08-23 14:10:40 ----A---- C:\Windows\system32\twinui.appcore.dll
2018-08-23 14:10:40 ----A---- C:\Windows\system32\rasppp.dll
2018-08-23 14:10:40 ----A---- C:\Windows\system32\rasman.dll
2018-08-23 14:10:40 ----A---- C:\Windows\system32\rascustom.dll
2018-08-23 14:10:40 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2018-08-23 14:10:40 ----A---- C:\Windows\system32\authui.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2018-08-23 14:10:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-08-23 14:10:39 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2018-08-23 14:10:39 ----A---- C:\Windows\system32\wuapp.exe
2018-08-23 14:10:39 ----A---- C:\Windows\system32\wuapi.dll
2018-08-23 14:10:39 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2018-08-23 14:10:39 ----A---- C:\Windows\system32\combase.dll
2018-08-23 14:10:39 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-23 14:10:38 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-08-23 14:10:38 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2018-08-23 14:10:38 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-08-23 14:10:38 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-08-23 14:10:38 ----A---- C:\Windows\system32\wmp.dll
2018-08-23 14:10:38 ----A---- C:\Windows\system32\sscore.dll
2018-08-23 14:10:38 ----A---- C:\Windows\system32\samlib.dll
2018-08-23 14:10:38 ----A---- C:\Windows\system32\netlogon.dll
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\storport.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\srv.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-23 14:10:38 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-08-23 14:10:37 ----A---- C:\Windows\SYSWOW64\samlib.dll
2018-08-23 14:10:37 ----A---- C:\Windows\system32\storagewmi.dll
2018-08-23 14:10:37 ----A---- C:\Windows\system32\mssvp.dll
2018-08-23 14:10:37 ----A---- C:\Windows\system32\mssrch.dll
2018-08-23 14:10:37 ----A---- C:\Windows\system32\advapi32.dll
2018-08-23 14:10:36 ----A---- C:\Windows\system32\wer.dll
2018-08-23 14:10:36 ----A---- C:\Windows\system32\msctf.dll
2018-08-23 14:10:36 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-23 14:10:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-08-23 14:10:35 ----A---- C:\Windows\system32\zipfldr.dll
2018-08-23 14:10:35 ----A---- C:\Windows\system32\twinui.dll
2018-08-23 14:10:35 ----A---- C:\Windows\system32\termsrv.dll
2018-08-23 14:10:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\win32spl.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\vpnike.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\rasapi32.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\MPSSVC.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\localspl.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\IKEEXT.DLL
2018-08-23 14:10:34 ----A---- C:\Windows\system32\compstui.dll
2018-08-23 14:10:34 ----A---- C:\Windows\system32\BFE.DLL
2018-08-23 14:10:33 ----A---- C:\Windows\system32\wucltux.dll
2018-08-23 14:10:33 ----A---- C:\Windows\system32\wuauclt.exe
2018-08-23 14:10:33 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-23 14:10:33 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-08-23 14:10:33 ----A---- C:\Windows\system32\inetcomm.dll
2018-08-23 14:10:33 ----A---- C:\Windows\system32\consent.exe
2018-08-23 14:10:33 ----A---- C:\Windows\HelpPane.exe
2018-08-23 14:10:32 ----A---- C:\Windows\system32\WinSCard.dll
2018-08-23 14:10:32 ----A---- C:\Windows\system32\winlogon.exe
2018-08-23 14:10:32 ----A---- C:\Windows\system32\schannel.dll
2018-08-23 14:10:32 ----A---- C:\Windows\system32\ole32.dll
2018-08-23 14:10:32 ----A---- C:\Windows\system32\comsvcs.dll
2018-08-23 14:10:32 ----A---- C:\Windows\system32\appinfo.dll
2018-08-23 14:10:32 ----A---- C:\Windows\system32\appidapi.dll
2018-08-23 14:10:31 ----A---- C:\Windows\system32\Windows.Globalization.dll
2018-08-23 14:10:31 ----A---- C:\Windows\system32\pcasvc.dll
2018-08-23 14:10:31 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-23 14:10:31 ----A---- C:\Windows\system32\drivers\clfs.sys
2018-08-23 14:10:31 ----A---- C:\Windows\system32\crypt32.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\WinTypes.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\srvsvc.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\samsrv.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\oleaut32.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-23 14:10:30 ----A---- C:\Windows\system32\dpapisrv.dll
2018-08-23 14:10:29 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-23 14:10:29 ----A---- C:\Windows\system32\KernelBase.dll
2018-08-23 14:10:29 ----A---- C:\Windows\system32\hal.dll
2018-08-23 14:10:29 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2018-08-23 14:10:29 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-08-23 14:10:28 ----A---- C:\Windows\SYSWOW64\wmp.dll
2018-08-23 14:10:28 ----A---- C:\Windows\SYSWOW64\WinTypes.dll
2018-08-23 14:10:28 ----A---- C:\Windows\system32\wermgr.exe
2018-08-23 14:10:27 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2018-08-23 14:10:27 ----A---- C:\Windows\system32\shell32.dll
2018-08-23 14:10:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\scksp.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\PCPTpm12.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\mprddm.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\certenc.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-08-23 14:10:24 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\wlansec.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\wlanmsm.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\wlanapi.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\wfdprov.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\scksp.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\rdsdwmdr.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\rdpudd.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\rdpcorets.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\PCPTpm12.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\mprddm.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\certenc.dll
2018-08-23 14:10:24 ----A---- C:\Windows\system32\basecsp.dll
2018-08-23 14:10:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-08-23 14:10:23 ----A---- C:\Windows\SYSWOW64\certutil.exe
2018-08-23 14:10:23 ----A---- C:\Windows\system32\wlansvc.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\wfapigp.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\TpmTasks.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\rasmans.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\ProximityService.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\mstscax.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\msrating.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\iepeers.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\hlink.dll
2018-08-23 14:10:23 ----A---- C:\Windows\system32\drivers\nwifi.sys
2018-08-23 14:10:23 ----A---- C:\Windows\system32\certutil.exe
2018-08-23 14:10:23 ----A---- C:\Windows\system32\certcli.dll
2018-08-23 14:10:22 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2018-08-23 14:10:22 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2018-08-23 14:10:22 ----A---- C:\Windows\system32\winresume.exe
2018-08-23 14:10:22 ----A---- C:\Windows\system32\winload.exe
2018-08-23 14:10:22 ----A---- C:\Windows\system32\ncryptsslp.dll
2018-08-23 14:10:22 ----A---- C:\Windows\system32\drivers\stornvme.sys
2018-08-23 14:10:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-23 14:10:22 ----A---- C:\Windows\system32\drivers\fvevol.sys
2018-08-23 14:10:22 ----A---- C:\Windows\system32\drivers\dumpfve.sys
2018-08-23 14:10:22 ----A---- C:\Windows\system32\ci.dll
2018-08-23 14:10:22 ----A---- C:\Windows\system32\bcryptprimitives.dll
2018-08-23 14:10:22 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-23 14:10:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2018-08-23 14:10:21 ----A---- C:\Windows\system32\drivers\cng.sys
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2018-08-23 14:10:20 ----A---- C:\Windows\system32\esent.dll
2018-08-23 14:10:19 ----A---- C:\Windows\SYSWOW64\esent.dll
2018-08-23 14:10:19 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-08-23 14:10:19 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2018-08-23 14:10:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-08-23 14:10:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-08-23 14:10:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2018-08-23 14:10:18 ----A---- C:\Windows\system32\mmcndmgr.dll
2018-08-23 14:10:18 ----A---- C:\Windows\system32\mfmp4srcsnk.dll
2018-08-23 14:10:18 ----A---- C:\Windows\system32\mfcore.dll
2018-08-23 14:10:18 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\WsmAgent.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-08-23 14:10:17 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-08-23 14:10:16 ----A---- C:\Windows\system32\mispace.dll
2018-08-23 14:10:16 ----A---- C:\Windows\system32\GdiPlus.dll
2018-08-23 14:10:15 ----A---- C:\Windows\SYSWOW64\xpsrchvw.exe
2018-08-23 14:10:15 ----A---- C:\Windows\SYSWOW64\mfmp4srcsnk.dll
2018-08-23 14:10:15 ----A---- C:\Windows\system32\inseng.dll
2018-08-23 14:10:15 ----A---- C:\Windows\system32\asycfilt.dll
2018-08-23 14:10:14 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2018-08-23 14:10:14 ----A---- C:\Windows\system32\mmc.exe
2018-08-23 14:10:13 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2018-08-23 14:10:13 ----A---- C:\Windows\SYSWOW64\WsmAgent.dll
2018-08-23 14:10:13 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2018-08-23 14:10:13 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2018-08-23 14:10:13 ----A---- C:\Windows\SYSWOW64\mispace.dll
2018-08-23 14:10:13 ----A---- C:\Windows\system32\xolehlp.dll
2018-08-23 14:10:13 ----A---- C:\Windows\system32\msdtcprx.dll
2018-08-23 14:10:13 ----A---- C:\Windows\system32\catsrvut.dll
2018-08-23 14:10:12 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2018-08-23 14:10:12 ----A---- C:\Windows\SYSWOW64\iscsidsc.dll
2018-08-23 14:10:12 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2018-08-23 14:10:12 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-08-23 14:10:12 ----A---- C:\Windows\system32\iscsidsc.dll
2018-08-23 14:10:11 ----A---- C:\Windows\SYSWOW64\mmc.exe
2018-08-23 14:10:11 ----A---- C:\Windows\system32\werdiagcontroller.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\untfs.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\ntvdm64.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\msdtctm.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\itss.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\iscsiexe.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\iprtrmgr.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-23 14:10:11 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-23 14:10:11 ----A---- C:\Windows\system32\atmlib.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\webservices.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\untfs.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2018-08-23 14:10:10 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2018-08-23 14:10:10 ----A---- C:\Windows\system32\Windows.Media.Streaming.dll
2018-08-23 14:10:10 ----A---- C:\Windows\system32\webservices.dll
2018-08-23 14:10:10 ----A---- C:\Windows\system32\puiobj.dll
2018-08-23 14:10:10 ----A---- C:\Windows\system32\d3d11.dll
2018-08-23 14:10:09 ----A---- C:\Windows\SYSWOW64\Windows.Media.Streaming.dll
2018-08-23 14:10:09 ----A---- C:\Windows\SYSWOW64\SessEnv.dll
2018-08-23 14:10:09 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2018-08-23 14:10:09 ----A---- C:\Windows\system32\schedsvc.dll
2018-08-23 14:10:09 ----A---- C:\Windows\system32\SessEnv.dll
2018-08-23 14:10:08 ----A---- C:\Windows\SYSWOW64\autoconv.exe
2018-08-23 14:10:08 ----A---- C:\Windows\system32\wbengine.exe
2018-08-23 14:10:08 ----A---- C:\Windows\system32\uxtheme.dll
2018-08-23 14:10:08 ----A---- C:\Windows\system32\sysmain.dll
2018-08-23 14:10:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.dll
2018-08-23 14:10:08 ----A---- C:\Windows\system32\autoconv.exe
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\wevtapi.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\uReFS.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\MsSpellCheckingFacility.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\itss.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2018-08-23 14:10:07 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\wevtapi.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\wdc.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\uReFS.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\tpmvsc.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\spoolsv.exe
2018-08-23 14:10:07 ----A---- C:\Windows\system32\scesrv.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\mprdim.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\mfsvr.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\drivers\netbt.sys
2018-08-23 14:10:07 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-08-23 14:10:07 ----A---- C:\Windows\system32\d3d10level9.dll
2018-08-23 14:10:07 ----A---- C:\Windows\system32\adtschema.dll
2018-08-23 14:10:06 ----A---- C:\Windows\SYSWOW64\WSDApi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2018-08-23 14:10:06 ----A---- C:\Windows\SYSWOW64\puiapi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\SYSWOW64\prnntfy.dll
2018-08-23 14:10:06 ----A---- C:\Windows\SYSWOW64\mprapi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\umrdp.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\rdpclip.exe
2018-08-23 14:10:06 ----A---- C:\Windows\system32\puiapi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\prnntfy.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\ntshrui.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\nlasvc.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\ncsi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\msra.exe
2018-08-23 14:10:06 ----A---- C:\Windows\system32\mprapi.dll
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\pci.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-08-23 14:10:06 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\wdc.dll
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2018-08-23 14:10:05 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2018-08-23 14:10:05 ----A---- C:\Windows\system32\wisp.dll
2018-08-23 14:10:05 ----A---- C:\Windows\system32\wcncsvc.dll
2018-08-23 14:10:05 ----A---- C:\Windows\system32\UIAnimation.dll
2018-08-23 14:10:05 ----A---- C:\Windows\system32\ubpm.dll
2018-08-23 14:10:05 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2018-08-23 14:10:04 ----A---- C:\Windows\SYSWOW64\wimgapi.dll
2018-08-23 14:10:04 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2018-08-23 14:10:04 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2018-08-23 14:10:04 ----A---- C:\Windows\system32\WSDApi.dll
2018-08-23 14:10:04 ----A---- C:\Windows\system32\wintrust.dll
2018-08-23 14:10:04 ----A---- C:\Windows\system32\vmrdvcore.dll
2018-08-23 14:10:04 ----A---- C:\Windows\system32\mstsc.exe
2018-08-23 14:10:04 ----A---- C:\Windows\system32\drivers\tdx.sys
2018-08-23 14:10:04 ----A---- C:\Windows\system32\drivers\cdrom.sys
2018-08-23 14:10:04 ----A---- C:\Windows\system32\cryptnet.dll
2018-08-23 14:10:03 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2018-08-23 14:10:03 ----A---- C:\Windows\system32\wimserv.exe
2018-08-23 14:10:02 ----A---- C:\Windows\system32\wmitomi.dll
2018-08-23 14:10:02 ----A---- C:\Windows\system32\msinfo32.exe
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\wmitomi.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\uudf.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\pdh.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\msdtcuiu.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\mscms.dll
2018-08-23 14:10:01 ----A---- C:\Windows\SYSWOW64\ifsutil.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\wininit.exe
2018-08-23 14:10:01 ----A---- C:\Windows\system32\wimgapi.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\vdsbas.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\TabSvc.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\SCardSvr.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\rascfg.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\pdh.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\msdtcuiu.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\mscms.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\ifsutil.dll
2018-08-23 14:10:01 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2018-08-23 14:10:01 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2018-08-23 14:10:01 ----A---- C:\Windows\system32\drivers\luafv.sys
2018-08-23 14:10:01 ----A---- C:\Windows\system32\drivers\disk.sys
2018-08-23 14:10:01 ----A---- C:\Windows\system32\drivers\bowser.sys
2018-08-23 14:10:00 ----A---- C:\Windows\SYSWOW64\wvc.dll
2018-08-23 14:10:00 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2018-08-23 14:10:00 ----A---- C:\Windows\SYSWOW64\wisp.dll
2018-08-23 14:10:00 ----A---- C:\Windows\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wvc.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wups2.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wups.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wpdbusenum.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wpd_ci.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\wmploc.DLL
2018-08-23 14:10:00 ----A---- C:\Windows\system32\UXInit.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\uudf.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\wanarp.sys
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\UCX01000.SYS
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\parport.sys
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-08-23 14:10:00 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-08-23 14:10:00 ----A---- C:\Windows\system32\DAFWSD.dll
2018-08-23 14:10:00 ----A---- C:\Windows\system32\adsmsext.dll
2018-08-23 14:09:59 ----A---- C:\Windows\system32\itircl.dll
2018-08-23 14:09:59 ----A---- C:\Windows\system32\input.dll
2018-08-23 14:09:58 ----A---- C:\Windows\SYSWOW64\wups.dll
2018-08-23 14:09:58 ----A---- C:\Windows\SYSWOW64\shsetup.dll
2018-08-23 14:09:58 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2018-08-23 14:09:58 ----A---- C:\Windows\SYSWOW64\P2P.dll
2018-08-23 14:09:58 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\shsetup.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\rastapi.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\PlayToDevice.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\p2psvc.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\mfps.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\drivers\netvsc63.sys
2018-08-23 14:09:58 ----A---- C:\Windows\system32\credssp.dll
2018-08-23 14:09:58 ----A---- C:\Windows\system32\ActionQueue.dll
2018-08-23 14:09:57 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2018-08-23 14:09:57 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2018-08-23 14:09:57 ----A---- C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-08-23 14:09:57 ----A---- C:\Windows\system32\P2P.dll
2018-08-23 14:09:57 ----A---- C:\Windows\system32\gpapi.dll
2018-08-23 14:09:57 ----A---- C:\Windows\system32\drivers\tm.sys
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\PlayToDevice.dll
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\itircl.dll
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\input.dll
2018-08-23 14:09:56 ----A---- C:\Windows\SYSWOW64\cic.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\wsdchngr.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\WcnApi.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\nlaapi.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\NetVscCoinstall.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\mmcbase.dll
2018-08-23 14:09:56 ----A---- C:\Windows\system32\drivers\processr.sys
2018-08-23 14:09:56 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2018-08-23 14:09:56 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2018-08-23 14:09:56 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\user.exe
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\ulib.dll
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\mfps.dll
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2018-08-23 14:09:55 ----A---- C:\Windows\SYSWOW64\authz.dll
2018-08-23 14:09:55 ----A---- C:\Windows\system32\shdocvw.dll
2018-08-23 14:09:55 ----A---- C:\Windows\system32\regsvc.dll
2018-08-23 14:09:55 ----A---- C:\Windows\system32\icm32.dll
2018-08-23 14:09:55 ----A---- C:\Windows\system32\fdWCN.dll
2018-08-23 14:09:55 ----A---- C:\Windows\system32\drivers\vwifimp.sys
2018-08-23 14:09:55 ----A---- C:\Windows\system32\drivers\vwififlt.sys
2018-08-23 14:09:55 ----A---- C:\Windows\system32\drivers\uefi.sys
2018-08-23 14:09:55 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\wsdchngr.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\ufat.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\uexfat.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\offreg.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\icm32.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2018-08-23 14:09:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\wsnmp32.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\ulib.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\ufat.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\uexfat.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\offreg.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\ntprint.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\serial.sys
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-08-23 14:09:54 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-08-23 14:09:54 ----A---- C:\Windows\system32\cnvfat.dll
2018-08-23 14:09:54 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-08-23 14:09:53 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-08-23 14:09:53 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2018-08-23 14:09:53 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2018-08-23 14:09:53 ----A---- C:\Windows\system32\winshfhc.dll
2018-08-23 14:09:53 ----A---- C:\Windows\system32\mgmtapi.dll
2018-08-23 14:09:53 ----A---- C:\Windows\system32\inetpp.dll
2018-08-23 14:09:53 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-08-23 14:09:53 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-08-23 14:09:53 ----A---- C:\Windows\system32\dab.dll
2018-08-23 14:09:53 ----A---- C:\Windows\system32\cic.dll
2018-08-23 14:09:53 ----A---- C:\Windows\system32\authz.dll
2018-08-23 14:09:52 ----A---- C:\Windows\SYSWOW64\mgmtapi.dll
2018-08-23 14:09:52 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2018-08-23 14:09:52 ----A---- C:\Windows\SYSWOW64\cnvfat.dll
2018-08-23 14:09:52 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2018-08-23 14:09:52 ----A---- C:\Windows\system32\snmptrap.exe
2018-08-23 14:09:52 ----A---- C:\Windows\system32\mfmjpegdec.dll
2018-08-23 14:09:52 ----A---- C:\Windows\system32\iscsium.dll
2018-08-23 14:09:52 ----A---- C:\Windows\system32\drivers\vwifibus.sys
2018-08-23 14:09:52 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-08-23 14:09:51 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2018-08-23 14:09:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-08-23 14:09:51 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2018-08-23 14:09:51 ----A---- C:\Windows\SYSWOW64\iscsium.dll
2018-08-23 14:09:51 ----A---- C:\Windows\system32\SCardDlg.dll
2018-08-23 14:09:51 ----A---- C:\Windows\system32\rfxvmt.dll
2018-08-23 14:09:51 ----A---- C:\Windows\system32\pcalua.exe
2018-08-23 14:09:51 ----A---- C:\Windows\system32\msobjs.dll
2018-08-23 14:09:51 ----A---- C:\Windows\system32\mmcshext.dll
2018-08-23 14:09:51 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-08-23 14:09:51 ----A---- C:\Windows\system32\drivers\serenum.sys
2018-08-23 14:09:51 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2018-08-23 14:09:51 ----A---- C:\Windows\system32\drivers\fxppm.sys
2018-08-23 14:09:51 ----A---- C:\Windows\system32\convert.exe
2018-08-23 14:09:50 ----A---- C:\Windows\SYSWOW64\rasser.dll
2018-08-23 14:09:50 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2018-08-23 14:09:50 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2018-08-23 14:09:50 ----A---- C:\Windows\system32\wsmplpxy.dll
2018-08-23 14:09:50 ----A---- C:\Windows\system32\rasser.dll
2018-08-23 14:09:50 ----A---- C:\Windows\system32\rasmxs.dll
2018-08-23 14:09:50 ----A---- C:\Windows\system32\rasdiag.dll
2018-08-23 14:09:50 ----A---- C:\Windows\splwow64.exe
2018-08-22 16:34:25 ----D---- C:\Users\oldřich\AppData\Roaming\vlc
2018-08-22 16:34:01 ----D---- C:\Program Files (x86)\VideoLAN
2018-08-22 11:20:20 ----D---- C:\Users\oldřich\AppData\Roaming\Macromedia
2018-08-22 11:17:15 ----D---- C:\Users\oldřich\AppData\Roaming\Mozilla
2018-08-22 11:17:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-22 11:17:11 ----D---- C:\Program Files\Mozilla Firefox
2018-08-22 10:53:29 ----D---- C:\Users\oldřich\AppData\Roaming\InstalujDownloader
2018-08-22 10:51:40 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-08-22 10:51:40 ----D---- C:\Program Files (x86)\MSBuild
2018-08-22 10:51:36 ----D---- C:\Windows\SYSWOW64\XPSViewer
2018-08-22 10:51:36 ----D---- C:\Program Files\Reference Assemblies
2018-08-22 10:51:36 ----D---- C:\Program Files\MSBuild
2018-08-22 10:50:24 ----A---- C:\Windows\SYSWOW64\PresentationNative_v0300.dll
2018-08-22 10:50:23 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2018-08-22 10:45:25 ----D---- C:\Users\oldřich\AppData\Roaming\Carambis
2018-08-22 10:45:18 ----D---- C:\Program Files (x86)\Carambis
2018-08-22 10:40:52 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2018-08-22 10:40:45 ----D---- C:\Program Files (x86)\Avast Driver Updater
2018-08-22 01:42:21 ----D---- C:\Users\oldřich\AppData\Roaming\Google
2018-08-22 01:41:55 ----D---- C:\Program Files (x86)\AMD APP
2018-08-22 01:41:45 ----D---- C:\Users\oldřich\AppData\Roaming\ATI
2018-08-22 01:41:45 ----D---- C:\ProgramData\ATI
2018-08-22 01:41:34 ----D---- C:\Program Files\ATI
2018-08-22 01:40:49 ----D---- C:\ATI
2018-08-22 01:27:16 ----D---- C:\Program Files\Google
2018-08-22 01:27:12 ----D---- C:\ProgramData\Google
2018-08-22 01:26:35 ----D---- C:\Program Files (x86)\Google
2018-08-22 01:25:57 ----D---- C:\Users\oldřich\AppData\Roaming\AVAST Software
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswbuniva.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswbloga.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswbidsha.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswbidsdrivera.sys
2018-08-22 01:24:56 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-08-22 01:24:54 ----D---- C:\Program Files\Common Files\AVAST Software
2018-08-22 01:24:54 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-22 01:23:53 ----D---- C:\Program Files\AVAST Software
2018-08-22 01:23:28 ----D---- C:\ProgramData\AVAST Software
2018-08-22 01:20:06 ----D---- C:\ProgramData\AMD
2018-08-22 01:20:05 ----D---- C:\Program Files\ATI Technologies
2018-08-22 01:19:49 ----D---- C:\Program Files (x86)\ATI Technologies
2018-08-22 01:19:44 ----D---- C:\ProgramData\Package Cache
2018-08-22 01:19:31 ----D---- C:\AMD
2018-08-22 01:19:27 ----D---- C:\Program Files\Common Files\ATI Technologies
2018-08-22 01:19:24 ----D---- C:\Program Files\AMD
2018-08-22 01:11:40 ----D---- C:\Users\oldřich\AppData\Roaming\Adobe
2018-08-22 01:11:20 ----SD---- C:\Users\oldřich\AppData\Roaming\Microsoft
2018-08-22 01:08:29 ----D---- C:\Windows\SoftwareDistribution
2018-08-21 23:58:37 ----D---- C:\Windows\Panther
2018-08-21 23:58:27 ----RASH---- C:\BOOTSECT.BAK
2018-08-21 23:58:25 ----SHD---- C:\Boot
2018-08-21 23:07:05 ----SHD---- C:\ProgramData\Šablony
2018-08-21 23:07:05 ----SHD---- C:\ProgramData\Plocha
2018-08-21 23:07:05 ----SHD---- C:\ProgramData\Nabídka Start
2018-08-21 23:07:05 ----SHD---- C:\ProgramData\Dokumenty
2018-08-21 23:07:05 ----SHD---- C:\ProgramData\Data aplikací
2018-08-21 23:06:46 ----ASH---- C:\hiberfil.sys
2018-08-21 23:06:14 ----SHD---- C:\Recovery
2018-08-21 23:05:11 ----D---- C:\Windows\Prefetch
2018-08-21 23:04:46 ----ASH---- C:\swapfile.sys
2018-08-21 23:04:46 ----ASH---- C:\pagefile.sys
2018-08-21 23:04:45 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 month======

2018-08-30 11:42:00 ----RD---- C:\Program Files
2018-08-30 11:37:56 ----D---- C:\Windows\Temp
2018-08-30 11:28:23 ----D---- C:\Windows\system32\Tasks
2018-08-30 11:00:00 ----D---- C:\Windows\system32\sru
2018-08-30 10:47:07 ----D---- C:\Windows
2018-08-30 10:31:23 ----RD---- C:\Windows\System32
2018-08-30 10:31:23 ----D---- C:\Windows\Inf
2018-08-30 10:31:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-29 23:25:48 ----D---- C:\Windows\Microsoft.NET
2018-08-28 23:05:08 ----D---- C:\Windows\Logs
2018-08-28 21:06:26 ----RD---- C:\Program Files (x86)
2018-08-28 21:06:26 ----HD---- C:\ProgramData
2018-08-28 20:59:52 ----D---- C:\Windows\system32\drivers
2018-08-27 23:26:42 ----D---- C:\Windows\SysWOW64
2018-08-27 23:26:40 ----RSD---- C:\Windows\assembly
2018-08-27 13:39:07 ----SHD---- C:\$Recycle.Bin
2018-08-25 20:29:09 ----D---- C:\Windows\system32\LogFiles
2018-08-25 12:29:27 ----D---- C:\Windows\system32\config
2018-08-25 12:29:22 ----SHD---- C:\Windows\Installer
2018-08-25 12:29:06 ----RSD---- C:\Windows\Fonts
2018-08-25 12:27:24 ----D---- C:\Windows\WinSxS
2018-08-24 13:52:17 ----D---- C:\Windows\rescache
2018-08-24 13:21:52 ----D---- C:\Windows\system32\wdi
2018-08-24 03:23:48 ----D---- C:\Windows\SYSWOW64\migration
2018-08-24 03:23:48 ----D---- C:\Windows\system32\migration
2018-08-24 03:23:48 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-08-24 03:23:47 ----D---- C:\Windows\system32\DriverStore
2018-08-24 00:50:32 ----D---- C:\Windows\AppCompat
2018-08-23 17:45:56 ----D---- C:\Windows\CbsTemp
2018-08-23 17:45:50 ----D---- C:\Windows\system32\SecureBootUpdates
2018-08-23 17:35:54 ----D---- C:\Windows\system32\catroot2
2018-08-23 17:23:03 ----D---- C:\Windows\system32\sr-Latn-RS
2018-08-23 17:23:03 ----D---- C:\Windows\system32\sr-Latn-CS
2018-08-23 17:23:03 ----D---- C:\Windows\apppatch
2018-08-23 17:23:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-08-23 17:23:01 ----D---- C:\Windows\system32\cs-CZ
2018-08-23 17:23:00 ----RD---- C:\Windows\ImmersiveControlPanel
2018-08-23 17:23:00 ----D---- C:\Windows\system32\en-US
2018-08-23 17:22:54 ----D---- C:\Windows\SYSWOW64\wbem
2018-08-23 17:22:54 ----D---- C:\Windows\system32\wbem
2018-08-23 17:22:53 ----D---- C:\Windows\WinStore
2018-08-23 17:22:48 ----D---- C:\Program Files\Common Files\microsoft shared
2018-08-23 17:22:47 ----SD---- C:\Windows\system32\CompatTel
2018-08-23 17:22:46 ----RD---- C:\Windows\ToastData
2018-08-23 17:22:43 ----D---- C:\Program Files\Internet Explorer
2018-08-23 17:22:42 ----D---- C:\Program Files\Windows Defender
2018-08-23 17:22:42 ----D---- C:\Program Files (x86)\Internet Explorer
2018-08-23 17:22:38 ----D---- C:\Windows\SYSWOW64\setup
2018-08-23 17:22:38 ----D---- C:\Program Files (x86)\Windows Defender
2018-08-23 17:22:37 ----D---- C:\Windows\system32\Boot
2018-08-23 17:22:37 ----D---- C:\Windows\PolicyDefinitions
2018-08-23 17:22:36 ----D---- C:\Windows\system32\setup
2018-08-23 17:22:36 ----D---- C:\Windows\system32\oobe
2018-08-23 17:22:31 ----SD---- C:\ProgramData\Microsoft
2018-08-23 17:22:31 ----D---- C:\Windows\system32\CodeIntegrity
2018-08-23 16:34:48 ----D---- C:\Windows\system32\drivers\UMDF
2018-08-23 15:51:27 ----D---- C:\Windows\debug
2018-08-23 12:38:40 ----HD---- C:\Program Files\WindowsApps
2018-08-23 12:38:40 ----D---- C:\Windows\AppReadiness
2018-08-22 11:20:16 ----D---- C:\Windows\system32\Macromed
2018-08-22 11:20:14 ----D---- C:\Windows\SYSWOW64\Macromed
2018-08-22 10:51:36 ----D---- C:\Windows\SYSWOW64\MUI
2018-08-22 10:51:36 ----D---- C:\Windows\system32\MUI
2018-08-22 10:40:56 ----D---- C:\Windows\Tasks
2018-08-22 01:24:54 ----D---- C:\Program Files\Common Files
2018-08-22 01:11:20 ----RD---- C:\Users
2018-08-22 01:10:23 ----D---- C:\Windows\system32\AdvancedInstallers
2018-08-22 01:10:08 ----D---- C:\Windows\system32\restore
2018-08-21 23:07:05 ----D---- C:\Program Files\Windows NT
2018-08-21 23:06:14 ----D---- C:\Windows\system32\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-08-22 201320]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-08-22 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-08-22 59568]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-08-28 87904]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-08-22 381560]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-11-21 157016]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-08-22 199712]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-08-22 229384]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-08-22 249016]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-08-22 111864]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-08-22 1027720]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-08-22 467232]
R2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2013-09-20 59648]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-08-22 163272]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-08-22 214800]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-07-21 13209088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-07-21 626688]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-11-21 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 WinUsb;@winusb.inf,%WinUSB_SvcDesc%;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-10-10 78848]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-08-22 46968]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2018-08-25 25608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-07-21 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-07-04 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-08-22 322464]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-08-22 7994520]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-22 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-22 335872]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-22 153168]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2018-08-22 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-08-07 194512]

-----------------EOF-----------------

Re: requesting a preventive check

Posted: 30 Aug 2018 15:54
by Conder
Hi :)

:arrow: What exactly does "the PC stops from time to time" mean?

:arrow: I recommend uninstalling Google Toolbar.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Re: requesting a preventive check

Posted: 31 Aug 2018 11:47
by gold
Precisely, it means that the PC does not respond to the mouse or keyboard at all for several tens of seconds.
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-31-2018
# Duration: 00:00:14
# OS: Windows 8.1
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\oldřich\AppData\Roaming\Carambis
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\oldřich\AppData\Local\Temp\VideoConverter

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Carambis
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1595 octets] - [31/08/2018 12:41:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: requesting a preventive check

Posted: 31 Aug 2018 16:34
by Conder
:arrow: Please post both FRST logs, following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: requesting a preventive check

Posted: 31 Aug 2018 20:22
by gold
OK, I'm sending them in a zip.

Re: requesting a preventive check

Posted: 31 Aug 2018 21:09
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\ProgramData\vfiakfjk.zeu
    VirusTotal: C:\ProgramData\mtbjfghn.xbe
    File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    File: C:\ProgramData\vfiakfjk.zeu
    File: C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe
    File: C:\ProgramData\mtbjfghn.xbe
    File: C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe
    
    HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\...\Run: [movavi_videoconverter_agent] => C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe [684040 2018-08-28] (Movavi )
    HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
    HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz.tanoth.gameforge.com/?kid=5-20831-20807-1105-12012142
    Toolbar: HKU\S-1-5-21-2681825276-3339475552-1349515903-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    FF Homepage: Mozilla\Firefox\Profiles\g86mik7h.default -> hxxp://cz2.herozerogame.com/
    CHR HomePage: Default -> hxxp://www.google.com
    CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
    2018-08-30 11:42 - 2018-08-30 12:09 - 000000000 ____D C:\rsit
    2018-08-30 11:42 - 2018-08-30 11:42 - 000000000 ____D C:\Program Files\trend micro
    2018-08-30 11:41 - 2018-08-30 11:41 - 001222144 _____ C:\Users\oldřich\Downloads\RSITx64.exe
    2018-08-28 21:02 - 2018-08-28 21:02 - 000005083 _____ C:\ProgramData\vfiakfjk.zeu
    2018-08-25 14:54 - 2018-08-25 14:54 - 000000096 ____H C:\Users\oldřich\Desktop\.~lock.ZOO.ods#
    2018-08-22 10:53 - 2018-08-22 10:53 - 000159608 _____ () C:\Users\oldřich\Downloads\Instaluj.cz - '23377' (1).exe
    2018-08-22 10:47 - 2018-08-22 10:47 - 000159608 _____ () C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe
    2018-08-22 10:45 - 2018-08-22 10:45 - 000004870 _____ C:\ProgramData\mtbjfghn.xbe
    2018-08-22 10:45 - 2018-08-22 10:45 - 000000016 _____ C:\ProgramData\mntemp
    2018-08-22 10:44 - 2018-08-22 10:44 - 008456808 _____ C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe
    
    Hosts:
    EmptyTemp:
    End
  • Click File and then Save
  • At the bottom right, select Unicode encoding
  • Save the file to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, a file named Fixlog.txt will be on the desktop; copy its contents here

Re: requesting a preventive check

Posted: 31 Aug 2018 23:12
by gold
Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by oldřich (01-09-2018 00:00:09) Run:1
Running from C:\Users\oldřich\Desktop
Loaded Profiles: oldřich (Available Profiles: oldřich)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\ProgramData\vfiakfjk.zeu
VirusTotal: C:\ProgramData\mtbjfghn.xbe
File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File: C:\ProgramData\vfiakfjk.zeu
File: C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe
File: C:\ProgramData\mtbjfghn.xbe
File: C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe

HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\...\Run: [movavi_videoconverter_agent] => C:\Users\oldřich\AppData\Roaming\Movavi Video Converter 18 Premium\ConverterAgent.exe [684040 2018-08-28] (Movavi )
HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://cz.tanoth.gameforge.com/?kid=5-20831-20807-1105-12012142
Toolbar: HKU\S-1-5-21-2681825276-3339475552-1349515903-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Homepage: Mozilla\Firefox\Profiles\g86mik7h.default -> hxxp://cz2.herozerogame.com/
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://cz2.herozerogame.com/#","hxxps://s1-cz.tanoth.gameforge.com/","hxxps://www.idnes.cz/"
2018-08-30 11:42 - 2018-08-30 12:09 - 000000000 ____D C:\rsit
2018-08-30 11:42 - 2018-08-30 11:42 - 000000000 ____D C:\Program Files\trend micro
2018-08-30 11:41 - 2018-08-30 11:41 - 001222144 _____ C:\Users\oldřich\Downloads\RSITx64.exe
2018-08-28 21:02 - 2018-08-28 21:02 - 000005083 _____ C:\ProgramData\vfiakfjk.zeu
2018-08-25 14:54 - 2018-08-25 14:54 - 000000096 ____H C:\Users\oldřich\Desktop\.~lock.ZOO.ods#
2018-08-22 10:53 - 2018-08-22 10:53 - 000159608 _____ () C:\Users\oldřich\Downloads\Instaluj.cz - '23377' (1).exe
2018-08-22 10:47 - 2018-08-22 10:47 - 000159608 _____ () C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe
2018-08-22 10:45 - 2018-08-22 10:45 - 000004870 _____ C:\ProgramData\mtbjfghn.xbe
2018-08-22 10:45 - 2018-08-22 10:45 - 000000016 _____ C:\ProgramData\mntemp
2018-08-22 10:44 - 2018-08-22 10:44 - 008456808 _____ C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 33
Average :
Sum : 146174891
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\ProgramData\vfiakfjk.zeu => https://www.virustotal.com/file/c20e361 ... 535752862/
VirusTotal: C:\ProgramData\mtbjfghn.xbe => https://www.virustotal.com/file/0331608 ... 535752863/

========================= File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe ========================

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File not signed
MD5: 9116FCF56613B8C5BEE586BB156FAB35
Creation and modification date: 2014-07-04 21:33 - 2014-07-04 21:33
Size: 000344064
Attributes: ----A
Company Name: Advanced Micro Devices, Inc.
Internal Name: Fuel
Original Name: Fuel.Service.exe
Product: AMD Fuel Service
Description: AMD Fuel Service
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © 2009-2010 Advanced Micro Devices, Inc. All Rights Reserved
VirusTotal: 0

====== End of File: ======


========================= File: C:\ProgramData\vfiakfjk.zeu ========================

C:\ProgramData\vfiakfjk.zeu
File not signed
MD5: 0B417AE4B32A77948521F0072D40BD2C
Creation and modification date: 2018-08-28 21:02 - 2018-08-28 21:02
Size: 000005083
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe ========================

C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe
File is digitally signed
MD5: 82B0AE23DECC640BA693FA532ED49563
Creation and modification date: 2018-08-22 10:47 - 2018-08-22 10:47
Size: 000159608
Attributes: ----A
Company Name:
Internal Name: InstalujDownloader.exe
Original Name: InstalujDownloader.exe
Product: InstalujDownloader
Description: InstalujDownloader
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © 2016
VirusTotal: 0

====== End of File: ======


========================= File: C:\ProgramData\mtbjfghn.xbe ========================

C:\ProgramData\mtbjfghn.xbe
File not signed
MD5: DA9B481DA3C0E4316BC8A33C3CD1266B
Creation and modification date: 2018-08-22 10:45 - 2018-08-22 10:45
Size: 000004870
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe ========================

C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe
File is digitally signed
MD5: E58B31837A816B9FB7560D35B1AA08CD
Creation and modification date: 2018-08-22 10:44 - 2018-08-22 10:44
Size: 008456808
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

"HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Windows\CurrentVersion\Run\\movavi_videoconverter_agent" => removed successfully
HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-2681825276-3339475552-1349515903-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
"Firefox homepage" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\oldřich\Downloads\RSITx64.exe => moved successfully
C:\ProgramData\vfiakfjk.zeu => moved successfully
C:\Users\oldřich\Desktop\.~lock.ZOO.ods# => moved successfully
C:\Users\oldřich\Downloads\Instaluj.cz - '23377' (1).exe => moved successfully
C:\Users\oldřich\Downloads\Instaluj.cz - '23377'.exe => moved successfully
C:\ProgramData\mtbjfghn.xbe => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\Users\oldřich\Downloads\InstallerDU-2.4.3.1734.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19284565 B
Java, Flash, Steam htmlcache => 1876 B
Windows/system/drivers => 42180766 B
Edge => 0 B
Chrome => 771068754 B
Firefox => 242757275 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 18309 B
systemprofile32 => 0 B
LocalService => 26108 B
NetworkService => 1644 B
oldřich => 348785173 B

RecycleBin => 2289571366 B
EmptyTemp: => 3.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:02:28 ====

Re: request for a preventive check

Posted: 01 Sep 2018 01:37
by Conder
It looks OK. Has anything changed, or are there still any problems with the PC?

Re: request for a preventive check

Posted: 01 Sep 2018 10:54
by gold
The PC has not been freezing so far; I would say everything is OK. Thank you.

Re: request for a preventive check

Posted: 01 Sep 2018 16:44
by Conder
So let's also clean up after the tools we used:

Re: request for a preventive check

Posted: 01 Sep 2018 22:48
by gold
# DelFix v1.013 - Logfile created 01/09/2018 at 23:46:56
# Updated 17/04/2016 by Xplode
# Username : oldřich - OLDA
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...


########## - EOF - ##########

Re: request for a preventive check

Posted: 02 Sep 2018 18:25
by Conder
This is OK.