VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivni kontrola - tmczech

https://forum.viry.cz:443/viewtopic.php?t=156004

Stránka 1 z 2

Preventivni kontrola - tmczech

Napsal: 01 čer 2019 10:42
od tmczech
Dobrý den, prosím o preventivní kontrolu logu. Poslední dobou jsem zaznamenal "zpomalení" koše - odezva na vysypání cca 3-5 min (obsah 4 soubory o 300-400 kB).

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2019-06-01 11:37:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (14%) free of 114 GB
Total RAM: 8091 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:37:06, on 1.6.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19355)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --user-data-dir="C:\ProgramData\ESET\ESET Smart Security\OPP\S-1-5-21-3455737578-2053105143-1757345281-1000\\EsetOPPChromeProfile" --flag-switches-begin --flag-switches-end --restore-last-session http://eset.com/BPPRedirector/ESET-Safe ... 9b99cebe7e
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9703 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\SysWOW64\ASGT.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2116
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e274d7b4-07a6-497a-8886-a96fce1bd4b6 -SystemEventPortName:HostProcess-1531fbac-424a-4584-9e2b-3f364df208f4 -IoCancelEventPortName:HostProcess-fb127d0b-71fb-4ed7-b782-84bac58bdb5c -NonStateChangingEventPortName:HostProcess-8e1c6ee4-1fac-45a1-9f4a-c0d4bcda68cc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fc8af204-2c11-418d-b127-16365b930b19 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\ESET\ESET Smart Security\eguiproxy.exe" /hide
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\splwow64.exe 8192
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Admin\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-08-07 6827664]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-14 1841496]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2019-04-14 177928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-04-23 1561968]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-04-23 844144]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-05-09 22588760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2019-05-21 1723888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-04-23 311152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-06-01 11:25:49 ----D---- C:\rsit
2019-06-01 11:25:49 ----D---- C:\Program Files\trend micro
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-15 17:42:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\user.exe
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-05-15 17:42:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-05-15 17:42:09 ----A---- C:\Windows\system32\KernelBase.dll
2019-05-15 17:42:09 ----A---- C:\Windows\system32\kernel32.dll
2019-05-15 17:42:09 ----A---- C:\Windows\system32\drivers\processr.sys
2019-05-15 17:42:09 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-05-15 17:42:09 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-05-15 17:42:09 ----A---- C:\Windows\system32\csrsrv.dll
2019-05-15 17:42:09 ----A---- C:\Windows\system32\appidsvc.dll
2019-05-15 17:42:09 ----A---- C:\Windows\system32\appidapi.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2019-05-15 17:42:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\wow64cpu.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\sspisrv.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\smss.exe
2019-05-15 17:42:08 ----A---- C:\Windows\system32\secur32.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\rpchttp.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\ntdll.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\hal.dll
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\drivers\appid.sys
2019-05-15 17:42:08 ----A---- C:\Windows\system32\apisetschema.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-05-15 17:42:07 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\wow64.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\TSpkg.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\sspicli.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\rpcss.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-05-15 17:42:07 ----A---- C:\Windows\system32\msv1_0.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\lsass.exe
2019-05-15 17:42:07 ----A---- C:\Windows\system32\kerberos.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\gdi32.dll
2019-05-15 17:42:07 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-05-15 17:42:07 ----A---- C:\Windows\system32\drivers\srv.sys
2019-05-15 17:42:07 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-05-15 17:42:07 ----A---- C:\Windows\system32\advapi32.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\rpcrt4.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\oleaut32.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\ole32.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\mshtml.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\lsasrv.dll
2019-05-15 17:42:06 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-05-15 17:42:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-05-15 17:42:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-05-15 17:42:04 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\winsrv.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\wdigest.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\sscore.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\srcore.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\srclient.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\schannel.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-05-15 17:42:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-05-15 17:42:04 ----A---- C:\Windows\system32\cryptdll.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\cryptbase.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\certcli.dll
2019-05-15 17:42:04 ----A---- C:\Windows\system32\bcrypt.dll
2019-05-15 17:42:03 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-05-15 17:42:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-05-15 17:42:03 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-05-15 17:42:03 ----A---- C:\Windows\system32\wmp.dll
2019-05-15 17:42:03 ----A---- C:\Windows\system32\srvsvc.dll
2019-05-15 17:42:03 ----A---- C:\Windows\system32\ncrypt.dll
2019-05-15 17:42:03 ----A---- C:\Windows\system32\conhost.exe
2019-05-15 17:42:02 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-05-15 17:42:02 ----A---- C:\Windows\system32\wow64win.dll
2019-05-15 17:42:02 ----A---- C:\Windows\system32\jscript9.dll
2019-05-15 17:42:02 ----A---- C:\Windows\system32\ieframe.dll
2019-05-15 17:42:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-05-15 17:42:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-05-15 17:42:01 ----A---- C:\Windows\system32\wininet.dll
2019-05-15 17:42:01 ----A---- C:\Windows\system32\wercplsupport.dll
2019-05-15 17:42:01 ----A---- C:\Windows\system32\werconcpl.dll
2019-05-15 17:42:01 ----A---- C:\Windows\system32\rstrui.exe
2019-05-15 17:42:01 ----A---- C:\Windows\system32\ntvdm64.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\werui.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-05-15 17:42:00 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\werui.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\usp10.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\urlmon.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\shell32.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\nltest.exe
2019-05-15 17:42:00 ----A---- C:\Windows\system32\jscript.dll
2019-05-15 17:42:00 ----A---- C:\Windows\system32\iertutil.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\cryptdll.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2019-05-15 17:41:59 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\winload.exe
2019-05-15 17:41:59 ----A---- C:\Windows\system32\wer.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\vbscript.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\t2embed.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\streamci.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\oleres.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\msscp.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\msobjs.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\msaudite.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\mf.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\iedkcs32.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\fontsub.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drmv2clt.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\volmgr.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\termdd.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\swenum.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\pci.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\isapnp.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\drivers\AGP440.sys
2019-05-15 17:41:59 ----A---- C:\Windows\system32\credssp.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\comcat.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\blackbox.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\auditpol.exe
2019-05-15 17:41:59 ----A---- C:\Windows\system32\atmfd.dll
2019-05-15 17:41:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-05-15 17:41:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-05-15 17:41:59 ----A---- C:\Windows\system32\adtschema.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-05-15 17:41:58 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\quartz.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\msnetobj.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\msfeeds.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\ieapfltr.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\cryptui.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\audiosrv.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\AudioSes.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-05-15 17:41:58 ----A---- C:\Windows\system32\AudioEng.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-05-15 17:41:57 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\wintrust.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\wermgr.exe
2019-05-15 17:41:57 ----A---- C:\Windows\system32\webcheck.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\qdvd.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\pcawrk.exe
2019-05-15 17:41:57 ----A---- C:\Windows\system32\pcasvc.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\occache.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-15 17:41:57 ----A---- C:\Windows\system32\msrating.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\mshtmled.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\mfps.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\mfplat.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\lpk.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\jsproxy.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\jscript9diag.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\inseng.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\ieUnatt.exe
2019-05-15 17:41:57 ----A---- C:\Windows\system32\ieui.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\evr.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\dxtrans.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\dxtmsft.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\dciman32.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\cryptsvc.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\cryptnet.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\crypt32.dll
2019-05-15 17:41:57 ----A---- C:\Windows\system32\audiodg.exe
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\lpk.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-05-15 17:41:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\wmploc.DLL
2019-05-15 17:41:56 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\spwmp.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\rrinstaller.exe
2019-05-15 17:41:56 ----A---- C:\Windows\system32\pcalua.exe
2019-05-15 17:41:56 ----A---- C:\Windows\system32\pcadm.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\mssign32.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\msmmsp.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\mfpmp.exe
2019-05-15 17:41:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\iesetup.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\iernonce.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-05-15 17:41:56 ----A---- C:\Windows\system32\ie4uinit.exe
2019-05-15 17:41:56 ----A---- C:\Windows\system32\EncDump.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\dxmasf.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\cryptsp.dll
2019-05-15 17:41:56 ----A---- C:\Windows\system32\atmlib.dll
2019-05-15 17:41:55 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-05-15 17:41:55 ----A---- C:\Windows\system32\pcaevts.dll
2019-05-15 17:41:55 ----A---- C:\Windows\system32\mferror.dll
2019-05-15 17:41:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll

======List of files/folders modified in the last 1 month======

2019-06-01 11:29:42 ----D---- C:\Windows\system32\config
2019-06-01 11:27:15 ----D---- C:\Windows\inf
2019-06-01 11:27:15 ----D---- C:\Windows
2019-06-01 11:25:49 ----RD---- C:\Program Files
2019-06-01 11:25:44 ----D---- C:\Windows\Temp
2019-06-01 11:23:28 ----D---- C:\Windows\System32
2019-06-01 11:23:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-05-31 22:16:37 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2019-05-31 20:56:08 ----D---- C:\Windows\system32\FxsTmp
2019-05-26 20:21:16 ----SHD---- C:\System Volume Information
2019-05-19 20:48:21 ----D---- C:\Windows\debug
2019-05-19 13:47:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-05-19 13:47:07 ----D---- C:\Windows\system32\Macromed
2019-05-19 13:47:02 ----D---- C:\Windows\SYSWOW64\Macromed
2019-05-18 12:47:19 ----D---- C:\Windows\rescache
2019-05-18 12:35:48 ----D---- C:\Windows\Microsoft.NET
2019-05-17 22:37:06 ----RSD---- C:\Windows\assembly
2019-05-17 20:37:21 ----D---- C:\Windows\system32\Tasks
2019-05-17 20:37:21 ----D---- C:\Program Files\CCleaner
2019-05-16 17:49:57 ----D---- C:\Windows\winsxs
2019-05-16 17:48:15 ----D---- C:\Windows\SYSWOW64\en-US
2019-05-16 17:48:15 ----D---- C:\Windows\SYSWOW64\Dism
2019-05-16 17:48:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-05-16 17:48:15 ----D---- C:\Windows\SysWOW64
2019-05-16 17:48:15 ----D---- C:\Program Files\Windows Media Player
2019-05-16 17:48:15 ----D---- C:\Program Files\Internet Explorer
2019-05-16 17:48:15 ----D---- C:\Program Files (x86)\Windows Media Player
2019-05-16 17:48:15 ----D---- C:\Program Files (x86)\Internet Explorer
2019-05-16 17:48:14 ----D---- C:\Windows\system32\en-US
2019-05-16 17:48:14 ----D---- C:\Windows\system32\drivers\en-US
2019-05-16 17:48:14 ----D---- C:\Windows\system32\drivers
2019-05-16 17:48:14 ----D---- C:\Windows\system32\Dism
2019-05-16 17:48:14 ----D---- C:\Windows\system32\cs-CZ
2019-05-16 17:48:13 ----RSD---- C:\Windows\Fonts
2019-05-16 17:48:13 ----D---- C:\Windows\system32\Boot
2019-05-16 17:48:13 ----D---- C:\Windows\AppPatch
2019-05-16 17:48:12 ----D---- C:\Windows\system32\DriverStore
2019-05-15 22:22:31 ----D---- C:\Windows\system32\MRT
2019-05-15 22:20:20 ----AC---- C:\Windows\system32\MRT.exe
2019-05-15 22:20:05 ----D---- C:\Windows\system32\catroot2
2019-05-15 22:19:50 ----SHD---- C:\Windows\Installer
2019-05-15 22:18:32 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-05-15 17:35:14 ----RD---- C:\Program Files (x86)
2019-05-14 22:16:03 ----D---- C:\ProgramData\Microsoft Help
2019-05-09 23:11:23 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2019-03-14 107744]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-08-31 386680]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-03-14 145600]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-03-14 188240]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2019-03-14 82472]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2019-03-14 61152]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-03-14 110000]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2019-03-14 50280]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-04-25 36549512]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-04-25 520072]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-12-20 96256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-07 4102928]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2014-12-10 797400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-04-25 129152]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2016-01-08 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2016-01-08 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2016-01-08 188232]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-04-25 221824]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-04-25 543112]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2019-04-14 2359312]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2016-11-25 192200]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-02-24 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-05-19 335416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-01-28 1486344]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe [2019-05-21 1267696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-04-25 116224]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-05 209104]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-11-10 1684256]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Preventivni kontrola - tmczech

Napsal: 01 čer 2019 23:32
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Preventivni kontrola - tmczech

Napsal: 02 čer 2019 13:19
od tmczech
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2019
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [02/06/2019 14:15:14]
AdwCleaner[S01].txt - [1318 octets] - [02/06/2019 14:16:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Preventivni kontrola - tmczech

Napsal: 02 čer 2019 13:44
od Conder
:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Preventivni kontrola - tmczech

Napsal: 03 čer 2019 16:33
od tmczech
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by Admin (administrator) on H-ADMIN-PC (03-06-2019 17:24:53)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SysWOW64\ASGT.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [177928 2019-04-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-04-23] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-05-21] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\MountPoints2: {4e614866-1249-11e7-96a7-60a44c639dd7} - E:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01AB679C-003F-4095-9FEB-0083282C0A3E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {12C8B45B-3203-4BF3-8E89-EFEBEA1C766E} - System32\Tasks\GoogleUpdateTaskMachineCore1d0412d4fb7764e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {2883E8B7-DD1F-48AF-8C3A-77033DC881F5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3F540679-74E8-4AB3-837E-1003E732B12A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {75BBE0B3-880A-47BB-9704-2988D8EBF08E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-19] (Adobe Inc. -> Adobe)
Task: {7F93C3E7-F89C-4D9C-B206-ECB337F4D70C} - System32\Tasks\Vypnout => C:\Windows\System32\shutdown.exe [34304 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {CF843C30-336E-4D42-87E5-B109B920633B} - System32\Tasks\GoogleUpdateTaskMachineUA1d0412d4fd1192e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {DBC462E7-01C2-4CEE-9B46-EC8D67E69E1C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E9643DB2-9E2E-4B57-A8CA-9BECA7C5CDB0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_pepper.exe [1452600 2019-05-19] (Adobe Inc. -> Adobe)
Task: {F60258E9-FE02-49EB-BB3F-709AAD402F7D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F2CA8B5C-752E-4DCA-8263-D4824911D05A}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21] (Logitech -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21] (Logitech -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-06-04] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2019-06-03]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-02]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-06-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [543112 2017-04-25] (Advanced Micro Devices, Inc. -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-06-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1486344 2017-01-28] (BattlEye Innovations e.K. -> )
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2359312 2019-04-14] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-11-25] (Huawei Software Technologies Co., LTD. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox64; C:\Windows\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [36549512 2017-04-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [520072 2017-04-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [82560 2012-04-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [42624 2012-04-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (ASMedia Technology Inc. -> Asmedia Technology)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [130536 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [395752 2011-11-03] (MCCI Internal Testing Software -> ASMedia Technology Inc)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-03-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107744 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188240 2019-03-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50280 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82472 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61152 2019-03-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-03-14] (ESET, spol. s r.o. -> ESET)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-31] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-03 17:24 - 2019-06-03 17:25 - 000019788 _____ C:\Users\Admin\Desktop\FRST.txt
2019-06-03 17:24 - 2019-06-03 17:24 - 002433536 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2019-06-03 17:24 - 2019-06-03 17:24 - 000000000 ____D C:\FRST
2019-06-02 14:14 - 2019-06-02 14:15 - 000000000 ____D C:\AdwCleaner
2019-06-02 14:13 - 2019-06-02 14:13 - 007025360 _____ (Malwarebytes) C:\Users\Admin\Desktop\adwcleaner_7.3.exe
2019-06-01 11:27 - 2019-06-01 11:27 - 000016182 _____ C:\Users\Admin\Documents\cc_20190601_112730.reg
2019-06-01 11:25 - 2019-06-01 11:37 - 000000000 ____D C:\Program Files\trend micro
2019-06-01 11:25 - 2019-06-01 11:25 - 001222144 _____ C:\Users\Admin\Desktop\RSITx64.exe
2019-06-01 11:25 - 2019-06-01 11:25 - 000000000 ____D C:\rsit
2019-06-01 11:16 - 2019-06-01 11:16 - 009348294 _____ C:\Users\Admin\Desktop\WAT24360BY_MN_-_návod.pdf
2019-05-27 16:44 - 2019-05-27 17:04 - 000010573 _____ C:\Users\Admin\Desktop\otazky.xlsx
2019-05-25 16:47 - 2019-05-25 16:47 - 011620344 _____ C:\Users\Admin\Downloads\vyrocni zprava za rok 2017.pdf
2019-05-17 20:37 - 2019-05-17 20:37 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-05-17 20:37 - 2019-05-17 20:37 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-16 17:54 - 2019-05-16 17:54 - 001763839 _____ C:\Users\Admin\Desktop\Bakalarska_prace_final.pdf
2019-05-15 17:42 - 2019-04-30 02:51 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-15 17:42 - 2019-04-25 06:01 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-15 17:42 - 2019-04-25 05:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-15 17:42 - 2019-04-25 05:31 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-15 17:42 - 2019-04-25 05:28 - 005775360 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-15 17:42 - 2019-04-25 05:26 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-15 17:42 - 2019-04-25 05:09 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-15 17:42 - 2019-04-25 05:03 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-15 17:42 - 2019-04-25 04:46 - 015285248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-15 17:42 - 2019-04-25 04:40 - 004493312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-15 17:42 - 2019-04-25 04:35 - 005303808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-15 17:42 - 2019-04-25 04:24 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 17:42 - 2019-04-25 04:18 - 004831232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 17:42 - 2019-04-25 04:14 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 17:42 - 2019-04-19 04:54 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-05-15 17:42 - 2019-04-19 04:53 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-05-15 17:42 - 2019-04-19 04:53 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-05-15 17:42 - 2019-04-19 04:51 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:44 - 000095456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-05-15 17:42 - 2019-04-19 04:43 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 17:42 - 2019-04-19 04:42 - 005552864 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-15 17:42 - 2019-04-19 04:42 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-15 17:42 - 2019-04-19 04:42 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-05-15 17:42 - 2019-04-19 04:40 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:39 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-05-15 17:42 - 2019-04-19 04:20 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-05-15 17:42 - 2019-04-19 04:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-05-15 17:42 - 2019-04-19 04:19 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-05-15 17:42 - 2019-04-19 04:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-05-15 17:42 - 2019-04-19 04:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-05-15 17:42 - 2019-04-19 04:12 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-05-15 17:42 - 2019-04-19 04:11 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-05-15 17:42 - 2019-04-19 04:11 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-05-15 17:42 - 2019-04-19 04:08 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-05-15 17:42 - 2019-04-19 04:07 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-05-15 17:42 - 2019-04-19 04:07 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-05-15 17:42 - 2019-04-16 17:17 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-05-15 17:42 - 2019-04-16 17:17 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 17:42 - 2019-04-16 17:17 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-05-15 17:42 - 2019-04-16 17:17 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-05-15 17:42 - 2019-04-16 17:17 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 014184448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-05-15 17:42 - 2019-04-16 17:05 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-05-15 17:42 - 2019-04-16 15:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2019-05-15 17:42 - 2019-04-16 15:15 - 000419648 _____ C:\Windows\system32\locale.nls
2019-05-15 17:42 - 2019-04-07 17:17 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-05-15 17:42 - 2019-04-07 17:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 17:42 - 2019-04-07 17:03 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-05-15 17:42 - 2019-04-07 17:03 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 17:42 - 2019-04-07 17:03 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 17:42 - 2019-04-07 17:03 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 17:42 - 2019-04-07 16:38 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 17:42 - 2019-04-05 02:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 17:41 - 2019-04-30 21:28 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-05-15 17:41 - 2019-04-30 20:37 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-05-15 17:41 - 2019-04-30 02:51 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-15 17:41 - 2019-04-25 05:52 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-05-15 17:41 - 2019-04-25 05:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-05-15 17:41 - 2019-04-25 05:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-05-15 17:41 - 2019-04-25 05:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-05-15 17:41 - 2019-04-25 05:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-05-15 17:41 - 2019-04-25 05:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-05-15 17:41 - 2019-04-25 05:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-05-15 17:41 - 2019-04-25 05:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-05-15 17:41 - 2019-04-25 05:28 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-05-15 17:41 - 2019-04-25 05:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-15 17:41 - 2019-04-25 05:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-05-15 17:41 - 2019-04-25 05:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-05-15 17:41 - 2019-04-25 05:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-05-15 17:41 - 2019-04-25 05:19 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-05-15 17:41 - 2019-04-25 05:16 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-05-15 17:41 - 2019-04-25 05:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-05-15 17:41 - 2019-04-25 05:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-05-15 17:41 - 2019-04-25 05:11 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-05-15 17:41 - 2019-04-25 05:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-05-15 17:41 - 2019-04-25 05:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-05-15 17:41 - 2019-04-25 05:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-05-15 17:41 - 2019-04-25 05:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-05-15 17:41 - 2019-04-25 05:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-05-15 17:41 - 2019-04-25 05:05 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-05-15 17:41 - 2019-04-25 05:05 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-05-15 17:41 - 2019-04-25 05:05 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-05-15 17:41 - 2019-04-25 05:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-05-15 17:41 - 2019-04-25 05:03 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-05-15 17:41 - 2019-04-25 05:02 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-05-15 17:41 - 2019-04-25 05:02 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-05-15 17:41 - 2019-04-25 05:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-05-15 17:41 - 2019-04-25 04:54 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-05-15 17:41 - 2019-04-25 04:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-05-15 17:41 - 2019-04-25 04:50 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-05-15 17:41 - 2019-04-25 04:50 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-05-15 17:41 - 2019-04-25 04:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-05-15 17:41 - 2019-04-25 04:49 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-05-15 17:41 - 2019-04-25 04:49 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-05-15 17:41 - 2019-04-25 04:48 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-05-15 17:41 - 2019-04-25 04:47 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-05-15 17:41 - 2019-04-25 04:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-05-15 17:41 - 2019-04-25 04:46 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-05-15 17:41 - 2019-04-25 04:45 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-05-15 17:41 - 2019-04-25 04:43 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-05-15 17:41 - 2019-04-25 04:38 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-05-15 17:41 - 2019-04-25 04:37 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-05-15 17:41 - 2019-04-25 04:36 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-05-15 17:41 - 2019-04-25 04:35 - 013682176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-15 17:41 - 2019-04-25 04:35 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-05-15 17:41 - 2019-04-25 04:14 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-05-15 17:41 - 2019-04-25 04:12 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-05-15 17:41 - 2019-04-19 04:51 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-05-15 17:41 - 2019-04-19 04:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-05-15 17:41 - 2019-04-19 04:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-05-15 17:41 - 2019-04-19 04:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-05-15 17:41 - 2019-04-19 04:44 - 000185064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-15 17:41 - 2019-04-19 04:43 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-15 17:41 - 2019-04-19 04:43 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-15 17:41 - 2019-04-19 04:43 - 000064232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-05-15 17:41 - 2019-04-19 04:43 - 000063208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-05-15 17:41 - 2019-04-19 04:43 - 000060648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-05-15 17:41 - 2019-04-19 04:43 - 000031976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-05-15 17:41 - 2019-04-19 04:43 - 000023784 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-05-15 17:41 - 2019-04-19 04:43 - 000020200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-05-15 17:41 - 2019-04-19 04:42 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-05-15 17:41 - 2019-04-19 04:42 - 000068328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-05-15 17:41 - 2019-04-19 04:42 - 000036064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-05-15 17:41 - 2019-04-19 04:42 - 000015080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-05-15 17:41 - 2019-04-19 04:42 - 000012136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-05-15 17:41 - 2019-04-19 04:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-05-15 17:41 - 2019-04-19 04:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-05-15 17:41 - 2019-04-19 04:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-05-15 17:41 - 2019-04-19 04:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-05-15 17:41 - 2019-04-19 04:26 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-05-15 17:41 - 2019-04-19 04:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-05-15 17:41 - 2019-04-19 04:20 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-05-15 17:41 - 2019-04-19 04:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-05-15 17:41 - 2019-04-19 04:15 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-05-15 17:41 - 2019-04-19 04:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-05-15 17:41 - 2019-04-16 17:17 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-05-15 17:41 - 2019-04-16 17:16 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-05-15 17:41 - 2019-04-16 17:05 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-05-15 17:41 - 2019-04-16 17:05 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-05-15 17:41 - 2019-04-16 17:05 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-05-15 17:41 - 2019-04-16 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-05-15 17:41 - 2019-04-14 07:42 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-05-15 17:41 - 2019-04-14 07:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 17:41 - 2019-04-14 07:40 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-05-15 17:41 - 2019-04-14 07:39 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 17:41 - 2019-04-14 07:39 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-05-15 17:41 - 2019-04-14 07:28 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-05-15 17:41 - 2019-04-14 07:26 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 17:41 - 2019-04-14 07:26 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 17:41 - 2019-04-14 07:26 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-05-15 17:41 - 2019-04-14 07:26 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-05-15 17:41 - 2019-04-14 07:26 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-05-15 17:41 - 2019-04-14 07:12 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-05-15 17:41 - 2019-04-07 17:17 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-05-15 17:41 - 2019-04-07 17:17 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-05-15 17:41 - 2019-04-07 17:17 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 17:41 - 2019-04-07 17:17 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-05-15 17:41 - 2019-04-07 17:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-05-15 17:41 - 2019-04-07 17:15 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-05-15 17:41 - 2019-04-07 17:05 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-05-15 17:41 - 2019-04-07 17:03 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-05-15 17:41 - 2019-04-07 17:03 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-05-15 17:41 - 2019-04-07 17:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-05-15 17:41 - 2019-04-07 17:03 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-05-15 17:41 - 2019-04-07 17:02 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-05-15 17:41 - 2019-04-07 17:02 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-05-15 17:41 - 2019-04-07 17:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-05-15 17:41 - 2019-04-07 17:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-05-15 17:41 - 2019-04-07 16:57 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-05-15 17:41 - 2019-04-07 16:49 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 17:41 - 2019-04-07 16:48 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-05-15 17:41 - 2019-04-07 16:45 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-05-15 17:41 - 2019-04-07 16:45 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-05-15 17:41 - 2019-04-07 16:45 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-05-15 17:41 - 2019-04-07 16:42 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 17:41 - 2019-04-07 16:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 17:41 - 2019-04-07 16:42 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 17:41 - 2019-04-07 16:42 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 17:41 - 2019-04-07 16:42 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 17:41 - 2019-04-07 16:35 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 17:41 - 2019-04-07 16:33 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-05-15 17:41 - 2019-04-07 16:33 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-05-15 17:41 - 2019-04-07 15:05 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-15 17:41 - 2019-04-05 02:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-13 21:22 - 2019-05-13 21:22 - 001153678 _____ C:\Users\Admin\Downloads\rocni_vypis_AXA_PP_2018_1601886232.pdf
2019-05-12 20:27 - 2019-05-12 22:02 - 000024652 _____ C:\Users\Admin\Desktop\analyza.xlsx
2019-05-12 20:12 - 2019-05-12 20:12 - 000015463 _____ C:\Users\Admin\Downloads\01400718q4s.xlsx
2019-05-06 19:13 - 2019-05-06 19:13 - 000248680 _____ C:\Users\Admin\Downloads\VP_2019_4_3034867.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-03 17:22 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-03 17:10 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-03 17:10 - 2009-07-14 06:45 - 000029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-03 17:04 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2019-06-03 17:04 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2019-06-03 17:04 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-03 16:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-02 22:55 - 2016-10-07 20:51 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-06-02 22:42 - 2013-06-17 20:39 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2019-05-31 20:56 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-05-31 12:31 - 2019-04-28 13:41 - 000000003 _____ C:\Users\Admin\Desktop\stranky.txt
2019-05-22 15:20 - 2014-01-18 18:06 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-22 15:08 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-05-19 13:47 - 2016-12-28 21:36 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-05-19 13:47 - 2013-12-19 17:42 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-19 13:47 - 2013-12-19 17:42 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-19 13:47 - 2013-12-19 17:42 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-19 13:47 - 2013-12-19 17:42 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-19 13:47 - 2013-06-02 14:58 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2019-05-18 12:47 - 2017-03-18 13:29 - 000000000 ____D C:\Windows\rescache
2019-05-17 20:37 - 2017-10-22 15:57 - 000000000 ____D C:\Program Files\CCleaner
2019-05-16 17:49 - 2009-07-14 06:45 - 000435920 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-16 17:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-05-16 17:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-05-15 22:22 - 2013-07-10 22:18 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 22:20 - 2013-06-02 13:01 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 22:18 - 2013-06-01 22:47 - 001559268 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-05-15 17:35 - 2016-07-29 14:21 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0412d4fd1192e
2019-05-15 17:35 - 2016-07-29 14:21 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0412d4fb7764e
2019-05-14 22:15 - 2015-11-14 14:37 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-09 23:13 - 2009-07-14 07:08 - 000032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-05-09 23:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2015-02-22 18:25 - 2015-03-28 14:32 - 000000034 _____ () C:\Users\Admin\AppData\Roaming\AdobeWLCMCache.dat
2016-08-14 15:53 - 2016-08-14 15:53 - 000031194 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2013-06-02 15:46 - 2013-11-25 23:05 - 000007599 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-25 13:19
==================== End of FRST.txt ============================

Re: Preventivni kontrola - tmczech

Napsal: 03 čer 2019 16:36
od tmczech
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Admin (03-06-2019 17:25:36)
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-06-01 20:19:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3455737578-2053105143-1757345281-500 - Administrator - Disabled)
Guest (S-1-5-21-3455737578-2053105143-1757345281-501 - Limited - Disabled)
Admin (S-1-5-21-3455737578-2053105143-1757345281-1000 - Administrator - Enabled) => C:\Users\Admin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.192 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.8.1 - ASUSTek COMPUTER INC.)
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
CPUID HWMonitor 1.22 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
EViews 7 (HKLM-x32\...\{B68FC32E-D58F-4B74-A838-B265BF40A445}) (Version: - )
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Geeks3D.com FurMark 1.10.6 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{89A52314-C097-401F-A45B-14C8B67702FA}) (Version: 2.56.5023.942 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2013-04-18 19:09 - 2013-04-18 19:09 - 000307200 _____ ( MarkAny.) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 000677376 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000212480 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 003642880 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-01-17 11:24 - 2012-01-17 11:24 - 000055296 _____ () [File not signed] C:\Windows\SysWOW64\ASGT.exe
2017-04-24 21:17 - 2017-04-24 21:17 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-04-24 21:17 - 2017-04-24 21:17 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000361984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2013-07-06 16:30 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2013-04-18 19:08 - 2013-04-18 19:08 - 000106496 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2013-04-23 13:43 - 2013-04-23 13:43 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\sharepoint.com -> hxxps://vse.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-10-02 21:25 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5C01400A-ABB1-4EFC-B049-B0E1A514FF8A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B1E70062-10CD-4BA5-9D2D-D338D7542524}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3C41ADC2-740A-41D5-8CC5-2A8B7892E82D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2440A78F-C694-44B3-8942-3B2A6CB62C06}] => (Allow) LPort=2869
FirewallRules: [{676D6A35-8F2B-4EA5-86D6-7173A9B20B18}] => (Allow) LPort=1900
FirewallRules: [{B482BABB-74FD-4319-B1C1-7334ED5D47E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{00159940-E141-46A3-8CA0-9E68954ADAA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ECAC9C6A-391E-411F-BD22-7B57968AD59B}] => (Allow) J:\Hry\ARMA_3\SteamApps\common\Arma 3\arma3.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{41B9C104-0392-4442-BB08-051DC5391E10}] => (Allow) J:\Hry\ARMA_3\SteamApps\common\Arma 3\arma3.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{00B8E42D-F3E9-4DA9-8AFC-FB8C582CF147}] => (Allow) J:\Hry\ARMA_3\SteamApps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{F57872F7-7100-4B62-B5E7-8C4F31A073C0}] => (Allow) J:\Hry\ARMA_3\SteamApps\common\Arma 3\arma3launcher.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [TCP Query User{6C3ECDC2-3FAA-4DEC-9CAF-325CB97BFF75}J:\hry\aoe2\age2_x1.exe] => (Allow) J:\hry\aoe2\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{CAF2737A-ADB7-4829-9713-6C74DF36F03D}J:\hry\aoe2\age2_x1.exe] => (Allow) J:\hry\aoe2\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{74CE327F-1A0C-44D0-90B2-0145EBB7FE41}] => (Block) J:\hry\aoe2\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{21338E53-338B-4822-9CCA-A313F9A06BD0}] => (Block) J:\hry\aoe2\age2_x1.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{C32DEB6C-0238-4DD0-A696-513E6A201698}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4EEF4D06-1A8F-4AA8-98A6-3BD5868FAE5F}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{81E94D75-AD43-4D3A-B588-5CDB43D17BEC}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2577B62E-E1D7-4E44-AD84-7437009C4751}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{290C0188-4B52-4C7F-98D4-575ADE719CF6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{08024322-AE5E-41EA-A30E-C8B9EF82EC34}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

19-05-2019 19:00:00 Windows Zálohování
26-05-2019 20:21:07 Windows Zálohování
02-06-2019 20:21:08 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2019 04:58:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/03/2019 04:57:28 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, ONEINDEX16://{S-1-5-21-3455737578-2053105143-1757345281-1000}/>.

Error: (06/03/2019 04:57:28 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, mapi16://{S-1-5-21-3455737578-2053105143-1757345281-1000}/>.

Error: (06/03/2019 04:57:28 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, mapi15://{S-1-5-21-3455737578-2053105143-1757345281-1000}/>.

Error: (06/03/2019 04:56:56 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/03/2019 04:56:56 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/03/2019 04:56:56 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/03/2019 04:56:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (06/03/2019 05:00:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (06/03/2019 04:56:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/03/2019 04:56:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (06/02/2019 10:55:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/02/2019 09:35:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (06/02/2019 09:10:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/02/2019 08:10:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR7.

Error: (06/02/2019 08:10:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR7.


Windows Defender:
===================================
Date: 2017-10-27 20:15:08.449
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BBEF5AA7-3860-4D2C-8A0E-7D596DDF7566}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:H-Admin-PC\Admin

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1503 01/11/2013
Motherboard: ASUSTeK COMPUTER INC. SABERTOOTH 990FX R2.0
Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 8090.95 MB
Available physical RAM: 3323.8 MB
Total Virtual: 16180.04 MB
Available Virtual: 10990.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:15.25 GB) NTFS
Drive i: (RECOVERY) (Fixed) (Total:48.83 GB) (Free:34.75 GB) NTFS
Drive j: (DATA) (Fixed) (Total:882.58 GB) (Free:379.12 GB) NTFS
Drive m: (My Book) (Fixed) (Total:465.64 GB) (Free:274.9 GB) FAT32

\\?\Volume{e84df157-cb29-11e2-8bbf-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9BCB0B1B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=882.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 9BCB0B13)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

==================== End of Addition.txt ============================

Re: Preventivni kontrola - tmczech

Napsal: 03 čer 2019 20:09
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\SysWOW64\ASGT.exe

HKU\S-1-5-21-3455737578-2053105143-1757345281-1000\...\MountPoints2: {4e614866-1249-11e7-96a7-60a44c639dd7} - E:\HiSuiteDownLoader.exe
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} -  No File
2015-02-22 18:25 - 2015-03-28 14:32 - 000000034 _____ () C:\Users\Admin\AppData\Roaming\AdobeWLCMCache.dat
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Preventivni kontrola - tmczech

Napsal: 06 čer 2019 12:32
od tmczech
V mezidobí jsem si bohužel "hrál" s příkazovým řádkem a poškodil jsem systém. Nyní je PC nově přeinstalováno, takže se omlouvám za zbytečnou ztrátu času...Nevím zda má cenu provádět kontrolu znovu na přeinstalovaném PC.

Re: Preventivni kontrola - tmczech

Napsal: 06 čer 2019 21:33
od Conder
V pohode. Ak chces, mozem pozriet aj na logy z preinstalovaneho Windowsu. Inak celkom by ma zaujimalo, co to boli za prikazy, ked si to vyzadovalo az reinstall :)

Re: Preventivni kontrola - tmczech

Napsal: 09 čer 2019 11:07
od tmczech
...radši bych to nerozváděl :). Posílám nový log po reinstalaci PC.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC-Hlavni at 2019-06-09 12:04:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (57%) free of 114 GB
Total RAM: 8091 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:45, on 9.6.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19375)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\trend micro\PC-Hlavni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6791 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ddc01dd6-8bb3-4354-86fb-f57f7d493c0f -SystemEventPortName:HostProcess-aa49ea1c-133d-42b4-980c-dc6e50958785 -IoCancelEventPortName:HostProcess-fbce3a68-e46e-4be7-b7c7-625dc673ae32 -NonStateChangingEventPortName:HostProcess-8d8d953a-cb89-445a-8bd5-fecdf7a74d19 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a69091d3-a957-46f7-b22e-663967cf46d2 -DeviceGroupId:WpdFsGroup
"C:\Program Files\ESET\ESET Security\eguiproxy.exe" /hide
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
HydraDM64.exe -h:131652 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {B1CB1197-069D-45A9-81D8-46BE8945D0F0}
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {D3318704-65FE-40B9-9DB3-792DC8C6617E}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1906271199-2624928685-575406661-10005_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1906271199-2624928685-575406661-10005 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\PC-Hlavni\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\PC-Hlavni\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\PC-Hlavni\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=74.0.3729.169 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fef5628b80,0x7fef5628b90,0x7fef5628ba0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5428 --on-initialized-event-handle=332 --parent-handle=336 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAABAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=4629421239018537011 --mojo-platform-channel-handle=1132 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=2503048696760313488 --mojo-platform-channel-handle=1536 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2158896192510580742 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6560494744902786207 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2996 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=17751976831814864452 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=644141138978616003 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=11522780305298839258 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=6804984808978656474 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4140 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1100,7828463095425901323,728813332694830832,131072 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=2314390186197963630 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\PC-Hlavni\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-08-07 6827664]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2019-04-05 177928]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2016-10-14 1841496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-06-04 22691064]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2012-06-11 393216]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-06-11 641704]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-06-09 12:02:33 ----D---- C:\rsit
2019-06-09 12:02:33 ----D---- C:\Program Files\trend micro
2019-06-08 22:39:59 ----D---- C:\Program Files\CCleaner
2019-06-08 22:29:24 ----A---- C:\Windows\jestertb.dll
2019-06-08 22:24:50 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\Macromedia
2019-06-08 22:24:42 ----D---- C:\Windows\SYSWOW64\Macromed
2019-06-08 22:03:53 ----A---- C:\Windows\GPU-Z.INI
2019-06-08 22:01:38 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2019-06-08 22:01:36 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\ATI
2019-06-08 22:01:36 ----D---- C:\ProgramData\ATI
2019-06-08 22:00:02 ----D---- C:\Windows\Downloaded Installations
2019-06-08 21:59:40 ----D---- C:\ProgramData\AMD
2019-06-08 21:59:40 ----A---- C:\Windows\system32\drivers\amdiox64.sys
2019-06-08 21:59:37 ----D---- C:\Program Files (x86)\ATI Technologies
2019-06-08 21:59:34 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2019-06-08 21:59:28 ----A---- C:\Windows\SYSWOW64\ativvsvl.dat
2019-06-08 21:59:28 ----A---- C:\Windows\SYSWOW64\ativvsva.dat
2019-06-08 21:59:28 ----A---- C:\Windows\system32\coinst_8.98.dll
2019-06-08 21:59:28 ----A---- C:\Windows\system32\ativvsvl.dat
2019-06-08 21:59:28 ----A---- C:\Windows\system32\ativvsva.dat
2019-06-08 21:59:27 ----A---- C:\Windows\SYSWOW64\atipblag.dat
2019-06-08 21:59:27 ----A---- C:\Windows\system32\atipblag.dat
2019-06-08 21:59:27 ----A---- C:\Windows\system32\ATIDEMGX.dll
2019-06-08 11:43:32 ----A---- C:\Windows\system32\ZSHP1020.EXE
2019-06-08 11:43:32 ----A---- C:\Windows\system32\ZLhp1020.DLL
2019-06-05 20:25:38 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-06-05 20:25:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-06-05 20:25:38 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-06-05 20:25:38 ----A---- C:\Windows\system32\iertutil.dll
2019-06-05 20:25:38 ----A---- C:\Windows\system32\iernonce.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-06-05 20:25:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-06-05 20:25:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-05 20:25:37 ----A---- C:\Windows\system32\inseng.dll
2019-06-05 20:25:37 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-06-05 20:25:37 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-06-05 20:25:37 ----A---- C:\Windows\system32\ie4uinit.exe
2019-06-05 20:25:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-06-05 20:25:36 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-06-05 20:25:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-06-05 20:25:36 ----A---- C:\Windows\system32\urlmon.dll
2019-06-05 20:25:36 ----A---- C:\Windows\system32\occache.dll
2019-06-05 20:25:36 ----A---- C:\Windows\system32\iedkcs32.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-06-05 20:25:35 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-06-05 20:25:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-05 20:25:35 ----A---- C:\Windows\system32\msfeeds.dll
2019-06-05 20:25:35 ----A---- C:\Windows\system32\iesetup.dll
2019-06-05 20:25:35 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-06-05 20:25:35 ----A---- C:\Windows\system32\ieapfltr.dll
2019-06-05 20:25:35 ----A---- C:\Windows\system32\dxtrans.dll
2019-06-05 20:25:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-06-05 20:25:34 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-06-05 20:25:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-06-05 20:25:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-06-05 20:25:34 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-06-05 20:25:34 ----A---- C:\Windows\system32\vbscript.dll
2019-06-05 20:25:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-06-05 20:25:33 ----A---- C:\Windows\system32\mshtmled.dll
2019-06-05 20:25:33 ----A---- C:\Windows\system32\ieui.dll
2019-06-05 20:25:33 ----A---- C:\Windows\system32\ieframe.dll
2019-06-05 20:25:33 ----A---- C:\Windows\system32\dxtmsft.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\wininet.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\webcheck.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\jscript9diag.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\jscript9.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\jscript.dll
2019-06-05 20:25:32 ----A---- C:\Windows\system32\ieUnatt.exe
2019-06-05 20:25:31 ----A---- C:\Windows\system32\msrating.dll
2019-06-05 20:25:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-06-05 20:25:31 ----A---- C:\Windows\system32\mshtml.dll
2019-06-05 20:25:31 ----A---- C:\Windows\system32\jsproxy.dll
2019-06-05 18:46:02 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\system32\KBDYAK.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\system32\KBDTAT.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\system32\KBDRU1.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\system32\KBDRU.DLL
2019-06-05 18:46:02 ----A---- C:\Windows\system32\KBDBASH.DLL
2019-06-05 18:45:57 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2019-06-05 18:27:46 ----D---- C:\Windows\system32\appraiser
2019-06-05 18:27:45 ----SD---- C:\Windows\system32\CompatTel
2019-06-05 18:09:57 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2019-06-05 18:09:57 ----A---- C:\Windows\system32\d3d10level9.dll
2019-06-05 18:08:47 ----D---- C:\Program Files\Zoner
2019-06-05 18:02:35 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\Zoner
2019-06-05 18:02:35 ----D---- C:\ProgramData\Zoner
2019-06-05 17:50:58 ----A---- C:\Windows\system32\wksprt.exe
2019-06-05 17:50:57 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2019-06-05 17:50:57 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2019-06-05 17:50:57 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2019-06-05 17:50:57 ----A---- C:\Windows\system32\tsgqec.dll
2019-06-05 17:50:57 ----A---- C:\Windows\system32\rdvidcrl.dll
2019-06-05 17:50:57 ----A---- C:\Windows\system32\mstscax.dll
2019-06-05 17:50:54 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2019-06-05 17:50:54 ----A---- C:\Windows\system32\TSWbPrxy.exe
2019-06-05 17:50:54 ----A---- C:\Windows\system32\d2d1.dll
2019-06-05 17:50:47 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2019-06-05 17:50:47 ----A---- C:\Windows\SYSWOW64\esent.dll
2019-06-05 17:50:47 ----A---- C:\Windows\system32\fsutil.exe
2019-06-05 17:50:47 ----A---- C:\Windows\system32\esent.dll
2019-06-05 17:50:47 ----A---- C:\Windows\system32\drivers\nvstor.sys
2019-06-05 17:50:47 ----A---- C:\Windows\system32\drivers\nvraid.sys
2019-06-05 17:50:47 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2019-06-05 17:50:47 ----A---- C:\Windows\system32\drivers\amdxata.sys
2019-06-05 17:50:47 ----A---- C:\Windows\system32\drivers\amdsata.sys
2019-06-05 17:50:29 ----D---- C:\Program Files (x86)\Adobe
2019-06-05 17:49:53 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2019-06-05 17:49:53 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2019-06-05 17:49:51 ----A---- C:\Windows\system32\rdpcorets.dll
2019-06-05 17:49:51 ----A---- C:\Windows\system32\d3d10warp.dll
2019-06-05 17:49:47 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2019-06-05 17:49:47 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2019-06-05 17:49:47 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2019-06-05 17:49:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2019-06-05 17:49:47 ----A---- C:\Windows\system32\UIAnimation.dll
2019-06-05 17:49:47 ----A---- C:\Windows\system32\rdpudd.dll
2019-06-05 17:49:47 ----A---- C:\Windows\system32\FntCache.dll
2019-06-05 17:49:47 ----A---- C:\Windows\system32\DWrite.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\wsnmp32.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\webservices.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\usp10.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\themeui.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\scksp.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\rundll32.exe
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\oleprn.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\input.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\basecsp.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-05 17:49:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-06-05 17:49:43 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\werui.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\Query.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\netevent.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mswdat10.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mstext40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msrepl40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msjtes40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msjter40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msjetoledb40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msexch40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mmcshext.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mmcndmgr.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mmcbase.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mmc.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\itss.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\itircl.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\hlink.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\gpedit.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\DXPTaskRingtone.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptdll.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\cic.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\authui.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-06-05 17:49:43 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\xpsrchvw.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wvc.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wups.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wshqos.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wshcon.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wscript.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\winnsi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wdc.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WcsPlugInService.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WcnEapPeerProxy.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WcnEapAuthProxy.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\WcnApi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\user32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\user.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\traffic.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\tquery.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\sdchange.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\scrobj.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\samlib.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rtm.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\resmon.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rasser.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\racpldlg.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\pla.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\pdh.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\P2P.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\nsi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssph.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msra.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mscms.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mprdim.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\MigAutoPlay.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\lpk.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\iprtrmgr.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\iprtprio.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\icm32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\hhsetup.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\hh.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\fdWCN.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\dispex.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\cscript.exe
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-06-05 17:49:42 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\zipfldr.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\xpsrchvw.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wuwebv.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wups2.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wups.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wudriver.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wucltux.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wuaueng.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wuauclt.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wuapp.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wuapi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wsnmp32.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WsmWmiPl.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WsmSvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WsmRes.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wsmprovhost.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wsmplpxy.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WsmAuto.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wshcon.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wscript.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wow64win.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wow64cpu.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wow64.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wlansvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wlansec.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wlanmsm.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wlanhlp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wlanapi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wkssvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wisptis.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wintrust.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\winsrv.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WinSetupUI.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\winnsi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\winlogon.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\winhttp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\win32k.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wfapigp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\webservices.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WebClnt.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wdigest.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WcnEapPeerProxy.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WcnEapAuthProxy.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\wcncsvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\WcnApi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\UtcResources.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\usp10.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\user32.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\ucrtbase.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\TSpkg.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\tquery.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\themeui.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\termsrv.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\taskcomp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\TabSvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\sxssrv.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\StructuredQuery.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\sscore.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\srvsvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\srcore.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\srclient.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\smss.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\schedsvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\schannel.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\shell32.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\shdocvw.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\SearchIndexer.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\SearchFilterHost.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\scksp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\rstrui.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\rdpcore.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\ntvdm64.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\nsisvc.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\nsi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\nltest.exe
2019-06-05 17:49:38 ----A---- C:\Windows\system32\MSVidCtl.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\msv1_0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssvp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssrch.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssprxy.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssphtb.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssph.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\mssitlb.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\msshooks.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\msscntrs.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\msctf.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\MPSSVC.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\kerberos.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\input.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\icfupgd.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\icaapi.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\FirewallAPI.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\fdWCN.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbport.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbohci.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbhub.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbehci.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbd.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\udfs.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\tdx.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\srv.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2019-06-05 17:49:38 ----A---- C:\Windows\system32\drivers\afd.sys
2019-06-05 17:49:38 ----A---- C:\Windows\system32\diagtrack.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\davclnt.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\credssp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\basecsp.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\apisetschema.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-05 17:49:38 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-05 17:49:37 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wvc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wshqos.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wshnetbs.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wpnpinst.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wmploc.DLL
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wmp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\WinSCard.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\win32spl.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\wdc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\traffic.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\sysmain.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\sspisrv.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\sspicli.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\spwmp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\spoolsv.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\secur32.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\sdchange.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\scrrun.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\scrobj.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\scesrv.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\scavengeui.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rundll32.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rtm.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rrinstaller.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rpchttp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rpcrt4.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\resmon.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rasser.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rasmxs.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rasdiag.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\rascfg.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\racpldlg.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\pnrpsvc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\plasrv.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\pla.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\perfmon.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\pdhui.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\pdh.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\p2psvc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\P2P.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\oleprn.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\oleaut32.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ntprint.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ntprint.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ntdll.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\nshwfp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\nlasvc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\nlaapi.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\netevent.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\netbtugc.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ncsi.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\ncrypt.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msxml6r.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msxml6.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msxml3r.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msxml3.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mssign32.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msscp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msrahc.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msra.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msobjs.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msnetobj.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msmmsp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msinfo32.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\msaudite.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mprdim.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mmcshext.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mmcndmgr.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mmcbase.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mmc.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\MigAutoPlay.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mfps.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mfpmp.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mfplat.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mfmjpegdec.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mferror.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\mf.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\lsass.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\lsasrv.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\localspl.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\iprtrmgr.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\iprtprio.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\INETRES.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\inetppui.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\inetpp.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\inetcomm.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\IKEEXT.DLL
2019-06-05 17:49:37 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2019-06-05 17:49:37 ----A---- C:\Windows\system32\dxmasf.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drmv2clt.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\wanarp.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\rdbss.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\pacer.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\nwifi.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\netio.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\netbt.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\netbios.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ndis.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\msrpc.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\msfs.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\luafv.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\drivers\bridge.sys
2019-06-05 17:49:37 ----A---- C:\Windows\system32\dispex.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\cscript.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\cscdll.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\cscapi.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\consent.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\cic.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\bridgeunattend.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\bridgeres.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\brdgcfg.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\blackbox.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\BFE.DLL
2019-06-05 17:49:37 ----A---- C:\Windows\system32\auditpol.exe
2019-06-05 17:49:37 ----A---- C:\Windows\system32\asycfilt.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\appinfo.dll
2019-06-05 17:49:37 ----A---- C:\Windows\system32\adtschema.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\Wldap32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\werui.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\wermgr.exe
2019-06-05 17:49:36 ----A---- C:\Windows\system32\WerFaultSecure.exe
2019-06-05 17:49:36 ----A---- C:\Windows\system32\WerFault.exe
2019-06-05 17:49:36 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\wercplsupport.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\werconcpl.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\wer.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\WcsPlugInService.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\tzres.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\t2embed.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\samsrv.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\samlib.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\quartz.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\qdvd.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\nlsbres.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\msimsg.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\msimg32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\msihnd.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\msiexec.exe
2019-06-05 17:49:36 ----A---- C:\Windows\system32\msi.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\mscms.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\mf3216.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\lpk.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\KernelBase.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\kernel32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\itss.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\itircl.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\IMJP10K.DLL
2019-06-05 17:49:36 ----A---- C:\Windows\system32\icm32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\hlink.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\hhsetup.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\hal.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\gpedit.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\gdi32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\fontsub.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\Faultrep.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\evr.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\ks.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\http.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\fastfat.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\exfat.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\drivers\dfsc.sys
2019-06-05 17:49:36 ----A---- C:\Windows\system32\dnsrslvr.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\dnscacheugc.exe
2019-06-05 17:49:36 ----A---- C:\Windows\system32\dnsapi.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\dciman32.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\cdd.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\atmlib.dll
2019-06-05 17:49:36 ----A---- C:\Windows\system32\atmfd.dll
2019-06-05 17:49:36 ----A---- C:\Windows\hh.exe
2019-06-05 17:49:36 ----A---- C:\Windows\HelpPane.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\winload.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\streamci.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\rpcss.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\Query.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\pcawrk.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\pcasvc.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\pcalua.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\pcaevts.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\pcadm.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\oleres.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\ole32.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\invagent.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\generaltel.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\EncDump.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\volmgr.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\termdd.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\swenum.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\pci.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\isapnp.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\cdfs.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\bowser.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\appid.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\drivers\AGP440.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\devinv.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\csrsrv.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptui.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptsvc.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptsp.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptnet.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptdll.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cryptbase.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\crypt32.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\conhost.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\comsvcs.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\comcat.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\clfs.sys
2019-06-05 17:49:35 ----A---- C:\Windows\system32\certcli.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\centel.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\cdosys.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\catsrvut.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\bcrypt.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\bcdedit.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\authui.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\audiosrv.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\AudioSes.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\AudioEng.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\audiodg.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\appraiser.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\appidsvc.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\appidapi.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\aitstatic.exe
2019-06-05 17:49:35 ----A---- C:\Windows\system32\aepic.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\aeinv.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\advapi32.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\adsmsext.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\actxprxy.dll
2019-06-05 17:49:35 ----A---- C:\Windows\system32\acmigration.dll
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\processr.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\errdev.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-06-05 17:49:34 ----A---- C:\Windows\system32\drivers\acpi.sys
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2019-06-05 17:48:32 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2019-06-05 17:48:32 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2019-06-05 17:48:31 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2019-06-05 17:48:31 ----A---- C:\Windows\SYSWOW64\qasf.dll
2019-06-05 17:48:31 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMVXENCD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMVSENCD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMVSDECD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMVENCOD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMVDECOD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\wmpmde.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMADMOE.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\WMADMOD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\VIDRESZR.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\SysFxUI.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\qasf.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\msmpeg2adec.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MPG4DECD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MP4SDECD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MP43DECD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MP3DMOD.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2019-06-05 17:48:31 ----A---- C:\Windows\system32\mfvdsp.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\mcmde.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\ksuser.dll
2019-06-05 17:48:31 ----A---- C:\Windows\system32\drivers\portcls.sys
2019-06-05 17:48:31 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2019-06-05 17:48:31 ----A---- C:\Windows\system32\drivers\drmk.sys
2019-06-05 17:48:31 ----A---- C:\Windows\system32\COLORCNV.DLL
2019-06-05 17:46:15 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2019-06-05 17:46:15 ----A---- C:\Windows\system32\WMPhoto.dll
2019-06-05 17:45:26 ----D---- C:\ProgramData\Adobe
2019-06-05 09:35:36 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\Adobe
2019-06-04 23:36:05 ----D---- C:\Windows\SYSWOW64\Wat
2019-06-04 23:36:05 ----D---- C:\Windows\system32\Wat
2019-06-04 23:13:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-06-04 23:13:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-06-04 23:11:27 ----A---- C:\Windows\system32\IEUDINIT.EXE
2019-06-04 23:03:51 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2019-06-04 23:03:50 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2019-06-04 23:03:50 ----A---- C:\Windows\system32\elshyph.dll
2019-06-04 23:03:49 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2019-06-04 23:03:49 ----A---- C:\Windows\SYSWOW64\msls31.dll
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\wextract.exe
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\url.dll
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2019-06-04 23:03:48 ----A---- C:\Windows\SYSWOW64\icardie.dll
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\mshta.exe
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2019-06-04 23:03:47 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2019-06-04 23:03:46 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2019-06-04 23:03:46 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2019-06-04 23:03:46 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2019-06-04 23:03:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2019-06-04 23:03:46 ----A---- C:\Windows\system32\msls31.dll
2019-06-04 23:03:46 ----A---- C:\Windows\system32\jsIntl.dll
2019-06-04 23:03:45 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2019-06-04 23:03:45 ----A---- C:\Windows\system32\mshtmler.dll
2019-06-04 23:03:45 ----A---- C:\Windows\system32\msfeedssync.exe
2019-06-04 23:03:45 ----A---- C:\Windows\system32\msfeedsbs.dll
2019-06-04 23:03:45 ----A---- C:\Windows\system32\iesysprep.dll
2019-06-04 23:03:45 ----A---- C:\Windows\system32\IEAdvpack.dll
2019-06-04 23:03:44 ----A---- C:\Windows\system32\url.dll
2019-06-04 23:03:44 ----A---- C:\Windows\system32\licmgr10.dll
2019-06-04 23:03:44 ----A---- C:\Windows\system32\ieapfltr.dat
2019-06-04 23:03:44 ----A---- C:\Windows\system32\icardie.dll
2019-06-04 23:03:43 ----A---- C:\Windows\system32\wextract.exe
2019-06-04 23:03:43 ----A---- C:\Windows\system32\iexpress.exe
2019-06-04 23:03:42 ----A---- C:\Windows\system32\pngfilt.dll
2019-06-04 23:03:42 ----A---- C:\Windows\system32\mshta.exe
2019-06-04 23:03:42 ----A---- C:\Windows\system32\imgutil.dll
2019-06-04 23:03:42 ----A---- C:\Windows\system32\iepeers.dll
2019-06-04 22:46:44 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2019-06-04 22:46:43 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2019-06-04 22:46:43 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2019-06-04 22:46:43 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2019-06-04 22:46:43 ----A---- C:\Windows\system32\wksprtPS.dll
2019-06-04 22:46:43 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2019-06-04 22:46:43 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2019-06-04 22:46:43 ----A---- C:\Windows\system32\mstsc.exe
2019-06-04 22:46:43 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2019-06-04 22:46:43 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2019-06-04 22:19:34 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2019-06-04 22:19:34 ----A---- C:\Windows\system32\rdpendp_winip.dll
2019-06-04 22:19:34 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2019-06-04 22:19:34 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2019-06-04 22:05:26 ----D---- C:\Windows\system32\MRT
2019-06-04 22:05:22 ----AC---- C:\Windows\system32\MRT.exe
2019-06-04 21:56:46 ----D---- C:\Windows\Migration
2019-06-04 21:48:42 ----A---- C:\Windows\system32\WUDFSvc.dll
2019-06-04 21:48:42 ----A---- C:\Windows\system32\WUDFPlatform.dll
2019-06-04 21:48:42 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2019-06-04 21:48:42 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2019-06-04 21:48:41 ----A---- C:\Windows\system32\WUDFx.dll
2019-06-04 21:48:41 ----A---- C:\Windows\system32\WUDFHost.exe
2019-06-04 21:48:41 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2019-06-04 21:11:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2019-06-04 21:11:46 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-06-04 21:09:44 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2019-06-04 21:09:44 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\XpsPrint.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\dxgi.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\d3d10core.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\d3d10_1core.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\d3d10_1.dll
2019-06-04 21:09:44 ----A---- C:\Windows\system32\d3d10.dll
2019-06-04 21:09:43 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2019-06-04 21:09:43 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2019-06-04 21:04:21 ----D---- C:\Program Files\Microsoft Silverlight
2019-06-04 21:04:21 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2019-06-04 20:54:19 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2019-06-04 20:54:19 ----A---- C:\Windows\SYSWOW64\icardres.dll
2019-06-04 20:54:19 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2019-06-04 20:54:19 ----A---- C:\Windows\system32\infocardapi.dll
2019-06-04 20:54:19 ----A---- C:\Windows\system32\icardres.dll
2019-06-04 20:54:19 ----A---- C:\Windows\system32\icardagt.exe
2019-06-04 20:54:13 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2019-06-04 20:54:13 ----A---- C:\Windows\system32\TsWpfWrp.exe
2019-06-04 20:52:28 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2019-06-04 20:52:28 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2019-06-04 20:52:28 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2019-06-04 20:52:28 ----A---- C:\Windows\system32\kbdgeoqw.dll
2019-06-04 20:52:28 ----A---- C:\Windows\system32\KBDAZEL.DLL
2019-06-04 20:52:28 ----A---- C:\Windows\system32\KBDAZE.DLL
2019-06-04 20:50:57 ----A---- C:\Windows\system32\bcryptprimitives.dll
2019-06-04 20:50:56 ----A---- C:\Windows\system32\drivers\cng.sys
2019-06-04 20:50:52 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2019-06-04 20:50:51 ----A---- C:\Windows\system32\winresume.exe
2019-06-04 20:50:51 ----A---- C:\Windows\system32\ci.dll
2019-06-04 20:50:44 ----A---- C:\Windows\system32\wwansvc.dll
2019-06-04 20:50:44 ----A---- C:\Windows\system32\wwanprotdim.dll
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\sechost.dll
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\relog.exe
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\logman.exe
2019-06-04 20:50:37 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2019-06-04 20:50:37 ----A---- C:\Windows\system32\typeperf.exe
2019-06-04 20:50:37 ----A---- C:\Windows\system32\tracerpt.exe
2019-06-04 20:50:37 ----A---- C:\Windows\system32\sechost.dll
2019-06-04 20:50:37 ----A---- C:\Windows\system32\relog.exe
2019-06-04 20:50:37 ----A---- C:\Windows\system32\logman.exe
2019-06-04 20:50:37 ----A---- C:\Windows\system32\diskperf.exe
2019-06-04 20:50:22 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2019-06-04 20:50:22 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2019-06-04 20:50:22 ----A---- C:\Windows\system32\mtxoci.dll
2019-06-04 20:50:13 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2019-06-04 20:50:13 ----A---- C:\Windows\system32\cewmdm.dll
2019-06-04 20:50:10 ----A---- C:\Windows\SYSWOW64\wmi.dll
2019-06-04 20:50:10 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2019-06-04 20:50:10 ----A---- C:\Windows\system32\wmi.dll
2019-06-04 20:50:10 ----A---- C:\Windows\system32\imagehlp.dll
2019-06-04 20:50:10 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2019-06-04 20:50:10 ----A---- C:\Windows\system32\drivers\disk.sys
2019-06-04 20:50:09 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2019-06-04 20:50:09 ----A---- C:\Windows\system32\TSWorkspace.dll
2019-06-04 20:50:07 ----A---- C:\Windows\SYSWOW64\mscories.dll
2019-06-04 20:50:07 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2019-06-04 20:50:07 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2019-06-04 20:50:07 ----A---- C:\Windows\system32\mscories.dll
2019-06-04 20:50:07 ----A---- C:\Windows\system32\mscorier.dll
2019-06-04 20:50:07 ----A---- C:\Windows\system32\dfshim.dll
2019-06-04 20:50:06 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2019-06-04 20:50:06 ----A---- C:\Windows\SYSWOW64\osk.exe
2019-06-04 20:50:06 ----A---- C:\Windows\system32\ubpm.dll
2019-06-04 20:50:06 ----A---- C:\Windows\system32\osk.exe
2019-06-04 20:50:05 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2019-06-04 20:50:05 ----A---- C:\Windows\system32\wpdshext.dll
2019-06-04 20:50:04 ----A---- C:\Windows\SYSWOW64\mfds.dll
2019-06-04 20:50:04 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2019-06-04 20:50:04 ----A---- C:\Windows\system32\services.exe
2019-06-04 20:50:04 ----A---- C:\Windows\system32\mfds.dll
2019-06-04 20:50:04 ----A---- C:\Windows\system32\comctl32.dll
2019-06-04 20:49:49 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2019-06-04 20:49:49 ----A---- C:\Windows\system32\drivers\ataport.sys
2019-06-04 20:49:48 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2019-06-04 20:49:48 ----A---- C:\Windows\system32\dpnet.dll
2019-06-04 20:49:46 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2019-06-04 20:29:30 ----D---- C:\Windows\PCHEALTH
2019-06-04 20:28:42 ----A---- C:\Windows\SYSWOW64\wdi.dll
2019-06-04 20:28:42 ----A---- C:\Windows\system32\wdi.dll
2019-06-04 20:28:42 ----A---- C:\Windows\system32\powertracker.dll
2019-06-04 20:28:42 ----A---- C:\Windows\system32\perftrack.dll
2019-06-04 20:27:19 ----D---- C:\Program Files\Microsoft Office
2019-06-04 20:27:13 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2019-06-04 20:27:10 ----D---- C:\ProgramData\Microsoft Help
2019-06-04 20:27:10 ----D---- C:\Program Files (x86)\Microsoft Office
2019-06-04 20:26:59 ----RHD---- C:\MSOCache
2019-06-04 20:24:37 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2019-06-04 20:24:37 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2019-06-04 20:24:37 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2019-06-04 20:24:37 ----A---- C:\Windows\system32\mapistub.dll
2019-06-04 20:24:37 ----A---- C:\Windows\system32\mapi32.dll
2019-06-04 20:24:37 ----A---- C:\Windows\system32\fixmapi.exe
2019-06-04 20:24:36 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2019-06-04 20:24:36 ----A---- C:\Windows\system32\poqexec.exe
2019-06-04 20:20:44 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2019-06-04 20:20:44 ----A---- C:\Windows\system32\xmllite.dll
2019-06-04 20:20:40 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2019-06-04 20:20:40 ----A---- C:\Windows\system32\msieftp.dll
2019-06-04 20:20:35 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2019-06-04 20:20:35 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\system32\odbctrac.dll
2019-06-04 20:20:35 ----A---- C:\Windows\system32\odbccu32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\system32\odbccr32.dll
2019-06-04 20:20:35 ----A---- C:\Windows\system32\odbccp32.dll
2019-06-04 20:20:19 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2019-06-04 20:20:19 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2019-06-04 20:20:19 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2019-06-04 20:20:19 ----A---- C:\Windows\system32\dhcpcore6.dll
2019-06-04 20:20:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2019-06-04 20:20:17 ----A---- C:\Windows\system32\sbe.dll
2019-06-04 20:19:54 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2019-06-04 20:19:54 ----A---- C:\Windows\system32\ntshrui.dll
2019-06-04 20:19:30 ----A---- C:\Windows\system32\profsvc.dll
2019-06-04 20:19:24 ----A---- C:\Windows\system32\dwmcore.dll
2019-06-04 20:19:23 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2019-06-04 20:19:23 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2019-06-04 20:19:23 ----A---- C:\Windows\system32\dwmapi.dll
2019-06-04 20:19:15 ----A---- C:\Windows\system32\basesrv.dll
2019-06-04 20:19:07 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2019-06-04 20:19:07 ----A---- C:\Windows\SYSWOW64\credui.dll
2019-06-04 20:19:07 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2019-06-04 20:19:07 ----A---- C:\Windows\system32\credui.dll
2019-06-04 20:17:35 ----A---- C:\Windows\SYSWOW64\tbs.dll
2019-06-04 20:17:35 ----A---- C:\Windows\system32\tbs.dll
2019-06-04 20:17:35 ----A---- C:\Windows\system32\fveapi.dll
2019-06-04 20:17:34 ----A---- C:\Windows\system32\fveapibase.dll
2019-06-04 20:17:29 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2019-06-04 20:17:29 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2019-06-04 20:17:29 ----A---- C:\Windows\system32\mfc42u.dll
2019-06-04 20:17:29 ----A---- C:\Windows\system32\mfc42.dll
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\secproc.dll
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2019-06-04 20:17:25 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2019-06-04 20:17:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2019-06-04 20:17:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2019-06-04 20:17:25 ----A---- C:\Windows\system32\secproc_isv.dll
2019-06-04 20:17:25 ----A---- C:\Windows\system32\secproc.dll
2019-06-04 20:17:25 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2019-06-04 20:17:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2019-06-04 20:17:25 ----A---- C:\Windows\system32\RMActivate_isv.exe
2019-06-04 20:17:25 ----A---- C:\Windows\system32\RMActivate.exe
2019-06-04 20:17:25 ----A---- C:\Windows\system32\msdrm.dll
2019-06-04 20:17:19 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2019-06-04 20:17:19 ----A---- C:\Windows\system32\d3d11.dll
2019-06-04 20:17:15 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2019-06-04 20:17:06 ----A---- C:\Windows\system32\drivers\usb8023.sys
2019-06-04 20:17:01 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2019-06-04 20:17:01 ----A---- C:\Windows\system32\wshrm.dll
2019-06-04 20:17:01 ----A---- C:\Windows\system32\drivers\rmcast.sys
2019-06-04 20:16:57 ----A---- C:\Windows\system32\Wdfres.dll
2019-06-04 20:16:57 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2019-06-04 20:16:57 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2019-06-04 20:16:52 ----A---- C:\Windows\system32\drivers\usbcir.sys
2019-06-04 20:16:49 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2019-06-04 20:16:49 ----A---- C:\Windows\system32\netcorehc.dll
2019-06-04 20:16:49 ----A---- C:\Windows\system32\iphlpsvc.dll
2019-06-04 20:16:35 ----A---- C:\Windows\SYSWOW64\objsel.dll
2019-06-04 20:16:35 ----A---- C:\Windows\system32\objsel.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\wincredprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\dpapiprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\dimsroam.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\cngprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\capiprovider.dll
2019-06-04 20:16:34 ----A---- C:\Windows\system32\adprovider.dll
2019-06-04 20:16:22 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2019-06-04 20:16:22 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2019-06-04 20:16:22 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2019-06-04 20:16:22 ----A---- C:\Windows\system32\shimeng.dll
2019-06-04 20:16:22 ----A---- C:\Windows\system32\sdbinst.exe
2019-06-04 20:16:22 ----A---- C:\Windows\system32\apphelp.dll
2019-06-04 20:16:22 ----A---- C:\Windows\system32\aelupsvc.dll
2019-06-04 20:16:21 ----A---- C:\Windows\system32\OxpsConverter.exe
2019-06-04 20:16:17 ----A---- C:\Windows\system32\tdh.dll
2019-06-04 20:16:16 ----A---- C:\Windows\SYSWOW64\tdh.dll
2019-06-04 20:16:00 ----A---- C:\Windows\SYSWOW64\notepad.exe
2019-06-04 20:16:00 ----A---- C:\Windows\system32\notepad.exe
2019-06-04 20:16:00 ----A---- C:\Windows\notepad.exe
2019-06-04 20:15:35 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2019-06-04 20:15:35 ----A---- C:\Windows\SYSWOW64\gameux.dll
2019-06-04 20:15:35 ----A---- C:\Windows\system32\Wpc.dll
2019-06-04 20:15:35 ----A---- C:\Windows\system32\gameux.dll
2019-06-04 20:15:26 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2019-06-04 20:15:26 ----A---- C:\Windows\system32\psisdecd.dll
2019-06-04 20:15:12 ----A---- C:\Windows\SYSWOW64\qedit.dll
2019-06-04 20:15:12 ----A---- C:\Windows\SYSWOW64\devenum.dll
2019-06-04 20:15:12 ----A---- C:\Windows\system32\qedit.dll
2019-06-04 20:15:12 ----A---- C:\Windows\system32\devenum.dll
2019-06-04 20:14:58 ----A---- C:\Windows\system32\drivers\partmgr.sys
2019-06-04 20:14:50 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2019-06-04 20:14:50 ----A---- C:\Windows\system32\pku2u.dll
2019-06-04 20:14:27 ----A---- C:\Windows\system32\seclogon.dll
2019-06-04 20:14:23 ----A---- C:\Windows\system32\drivers\stream.sys
2019-06-04 20:14:15 ----A---- C:\Windows\SYSWOW64\explorer.exe
2019-06-04 20:14:15 ----A---- C:\Windows\explorer.exe
2019-06-04 20:14:10 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2019-06-04 20:14:10 ----A---- C:\Windows\system32\iologmsg.dll
2019-06-04 20:14:10 ----A---- C:\Windows\system32\drivers\storport.sys
2019-06-04 20:14:10 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2019-06-04 20:14:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2019-06-04 20:14:04 ----A---- C:\Windows\SYSWOW64\synceng.dll
2019-06-04 20:14:04 ----A---- C:\Windows\system32\synceng.dll
2019-06-04 20:14:00 ----A---- C:\Windows\system32\kdusb.dll
2019-06-04 20:14:00 ----A---- C:\Windows\system32\kdcom.dll
2019-06-04 20:14:00 ----A---- C:\Windows\system32\kd1394.dll
2019-06-04 20:13:46 ----A---- C:\Windows\SYSWOW64\charmap.exe
2019-06-04 20:13:46 ----A---- C:\Windows\system32\charmap.exe
2019-06-04 20:13:41 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2019-06-04 20:13:41 ----A---- C:\Windows\SYSWOW64\rastls.dll
2019-06-04 20:13:41 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2019-06-04 20:13:41 ----A---- C:\Windows\system32\ws2_32.dll
2019-06-04 20:13:41 ----A---- C:\Windows\system32\rastls.dll
2019-06-04 20:13:41 ----A---- C:\Windows\system32\mswsock.dll
2019-06-04 20:13:37 ----A---- C:\Windows\system32\EncDec.dll
2019-06-04 20:13:37 ----A---- C:\Windows\system32\CPFilters.dll
2019-06-04 20:13:36 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2019-06-04 20:13:36 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2019-06-04 20:13:25 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2019-06-04 20:13:25 ----A---- C:\Windows\SYSWOW64\polstore.dll
2019-06-04 20:13:25 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2019-06-04 20:13:25 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2019-06-04 20:13:25 ----A---- C:\Windows\system32\winipsec.dll
2019-06-04 20:13:25 ----A---- C:\Windows\system32\polstore.dll
2019-06-04 20:13:25 ----A---- C:\Windows\system32\IPSECSVC.DLL
2019-06-04 20:13:25 ----A---- C:\Windows\system32\gpsvc.dll
2019-06-04 20:13:25 ----A---- C:\Windows\system32\gpapi.dll
2019-06-04 20:13:25 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2019-06-04 20:13:19 ----A---- C:\Windows\system32\taskhost.exe
2019-06-04 20:13:11 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2019-06-04 20:13:11 ----A---- C:\Windows\system32\cryptdlg.dll
2019-06-04 20:13:05 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2019-06-04 20:13:05 ----A---- C:\Windows\system32\umpnpmgr.dll
2019-06-04 20:13:04 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2019-06-04 20:13:04 ----A---- C:\Windows\SYSWOW64\devobj.dll
2019-06-04 20:13:04 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2019-06-04 20:12:36 ----A---- C:\Windows\SYSWOW64\webio.dll
2019-06-04 20:12:36 ----A---- C:\Windows\system32\webio.dll
2019-06-04 20:12:31 ----A---- C:\Windows\SYSWOW64\packager.dll
2019-06-04 20:12:31 ----A---- C:\Windows\system32\packager.dll
2019-06-04 20:12:28 ----A---- C:\Windows\SYSWOW64\winsta.dll
2019-06-04 20:12:28 ----A---- C:\Windows\system32\winsta.dll
2019-06-04 20:12:28 ----A---- C:\Windows\system32\rdrmemptylst.exe
2019-06-04 20:12:28 ----A---- C:\Windows\system32\rdpwsx.dll
2019-06-04 20:12:28 ----A---- C:\Windows\system32\rdpcorekmts.dll
2019-06-04 20:12:28 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2019-06-04 20:12:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2019-06-04 20:12:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2019-06-04 20:12:20 ----A---- C:\Windows\system32\netapi32.dll
2019-06-04 20:12:20 ----A---- C:\Windows\system32\browser.dll
2019-06-04 20:12:20 ----A---- C:\Windows\system32\browcli.dll
2019-06-04 20:12:08 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2019-06-04 20:12:08 ----A---- C:\Windows\system32\InkEd.dll
2019-06-04 20:12:03 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2019-06-04 20:12:03 ----A---- C:\Windows\system32\prevhost.exe
2019-06-04 20:11:59 ----A---- C:\Windows\system32\drivers\fvevol.sys
2019-06-04 20:11:54 ----A---- C:\Windows\system32\FXSCOVER.exe
2019-06-04 20:11:50 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2019-06-04 20:11:50 ----A---- C:\Windows\system32\msvcrt.dll
2019-06-04 20:11:45 ----A---- C:\Windows\SYSWOW64\els.dll
2019-06-04 20:11:45 ----A---- C:\Windows\system32\els.dll
2019-06-04 20:11:43 ----A---- C:\Windows\system32\certutil.exe
2019-06-04 20:11:42 ----A---- C:\Windows\SYSWOW64\certutil.exe
2019-06-04 20:11:42 ----A---- C:\Windows\SYSWOW64\certenc.dll
2019-06-04 20:11:42 ----A---- C:\Windows\system32\certenc.dll
2019-06-04 20:11:31 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2019-06-04 20:11:31 ----A---- C:\Windows\system32\oleacc.dll
2019-06-04 20:11:26 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2019-06-04 20:11:26 ----A---- C:\Windows\system32\clfsw32.dll
2019-06-04 20:10:50 ----A---- C:\Windows\system32\sipnotify.exe
2019-06-04 20:09:18 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\vlc
2019-06-04 20:08:35 ----D---- C:\Program Files\VideoLAN
2019-06-04 20:08:19 ----D---- C:\Windows\Panther
2019-06-04 19:52:10 ----D---- C:\Program Files (x86)\Google
2019-06-04 19:48:48 ----D---- C:\ProgramData\ESET
2019-06-04 19:48:48 ----D---- C:\Program Files\ESET
2019-06-04 19:42:37 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2019-06-04 19:36:53 ----D---- C:\Program Files (x86)\ASM104xUSB3
2019-06-04 19:34:15 ----A---- C:\Windows\system32\RTNUninst64.dll
2019-06-04 19:34:15 ----A---- C:\Windows\system32\RtNicProp64.dll
2019-06-04 19:34:15 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2019-06-04 19:31:49 ----D---- C:\Program Files (x86)\ASM106xSATA
2019-06-04 19:28:27 ----D---- C:\Windows\SYSWOW64\RTCOM
2019-06-04 19:28:27 ----D---- C:\Program Files\Realtek
2019-06-04 19:28:16 ----R---- C:\Windows\system32\drivers\DTSU2P.DAT
2019-06-04 19:28:15 ----A---- C:\Windows\system32\tosade.dll
2019-06-04 19:28:14 ----A---- C:\Windows\system32\tepeqapo64.dll
2019-06-04 19:28:14 ----A---- C:\Windows\system32\tadefxapo264.dll
2019-06-04 19:28:14 ----A---- C:\Windows\system32\tadefxapo.dll
2019-06-04 19:28:11 ----A---- C:\Windows\system32\WavesGUILib64.dll
2019-06-04 19:28:11 ----A---- C:\Windows\system32\SRSWOW64.dll
2019-06-04 19:28:11 ----A---- C:\Windows\system32\SRSTSX64.dll
2019-06-04 19:28:11 ----A---- C:\Windows\system32\SRSTSH64.dll
2019-06-04 19:28:11 ----A---- C:\Windows\system32\SRSHP64.dll
2019-06-04 19:28:10 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2019-06-04 19:28:10 ----A---- C:\Windows\system32\SFSS_APO.dll
2019-06-04 19:28:10 ----A---- C:\Windows\system32\SFNHK64.dll
2019-06-04 19:28:10 ----A---- C:\Windows\system32\SFCOM64.dll
2019-06-04 19:28:10 ----A---- C:\Windows\system32\SFAPO64.dll
2019-06-04 19:28:10 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2019-06-04 19:28:08 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2019-06-04 19:28:08 ----A---- C:\Windows\system32\RtkCfg64.dll
2019-06-04 19:28:08 ----A---- C:\Windows\system32\RtkApi64.dll
2019-06-04 19:28:07 ----A---- C:\Windows\system32\RtPgEx64.dll
2019-06-04 19:28:07 ----A---- C:\Windows\system32\RtkAPO64.dll
2019-06-04 19:28:07 ----A---- C:\Windows\system32\RTCOM64.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RTEEP64A.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RTEEL64A.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RTEEG64A.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RTEED64A.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RP3DHT64.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RP3DAA64.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\RCoInstII64.dll
2019-06-04 19:28:05 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2019-06-04 19:28:05 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2019-06-04 19:28:04 ----A---- C:\Windows\system32\RCoRes64.dat
2019-06-04 19:28:00 ----A---- C:\Windows\system32\R4EEP64A.dll
2019-06-04 19:28:00 ----A---- C:\Windows\system32\R4EEL64A.dll
2019-06-04 19:28:00 ----A---- C:\Windows\system32\R4EEG64A.dll
2019-06-04 19:27:59 ----A---- C:\Windows\system32\R4EED64A.dll
2019-06-04 19:27:59 ----A---- C:\Windows\system32\R4EEA64A.dll
2019-06-04 19:27:59 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2019-06-04 19:27:58 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2019-06-04 19:27:58 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2019-06-04 19:27:57 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2019-06-04 19:27:56 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2019-06-04 19:27:56 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2019-06-04 19:27:55 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2019-06-04 19:27:55 ----A---- C:\Windows\system32\KAAPORT64.dll
2019-06-04 19:27:50 ----A---- C:\Windows\system32\FMAPO64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2019-06-04 19:27:49 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2019-06-04 19:27:48 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2019-06-04 19:27:47 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2019-06-04 19:27:47 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2019-06-04 19:27:46 ----D---- C:\Program Files (x86)\Realtek
2019-06-04 19:27:46 ----A---- C:\Windows\system32\AERTAR64.dll
2019-06-04 19:27:46 ----A---- C:\Windows\system32\AERTAC64.dll
2019-06-04 19:27:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2019-06-04 19:27:40 ----HD---- C:\Program Files (x86)\Temp
2019-06-04 19:27:39 ----R---- C:\Windows\RtlExUpd.dll
2019-06-04 19:23:39 ----D---- C:\Program Files\AMD
2019-06-04 19:23:39 ----D---- C:\Program Files (x86)\AMD
2019-06-04 19:23:38 ----D---- C:\Program Files (x86)\AMD APP
2019-06-04 19:23:28 ----RA---- C:\Windows\system32\drivers\usbfilter.sys
2019-06-04 19:23:27 ----DC---- C:\Windows\system32\DRVSTORE
2019-06-04 19:23:26 ----A---- C:\Windows\system32\drivers\amd_xata.sys
2019-06-04 19:23:26 ----A---- C:\Windows\system32\drivers\amd_sata.sys
2019-06-04 19:23:05 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-06-04 19:21:33 ----D---- C:\Program Files (x86)\Microsoft.NET
2019-06-04 19:21:04 ----SHD---- C:\Windows\Installer
2019-06-04 19:21:04 ----D---- C:\Program Files\ATI
2019-06-04 19:20:23 ----D---- C:\Program Files\ATI Technologies
2019-06-04 19:19:24 ----A---- C:\Windows\AsTaskSched.dll
2019-06-04 19:19:09 ----A---- C:\Windows\system32\drivers\volsnap.sys
2019-06-04 19:17:05 ----A---- C:\Windows\Language_trs.ini
2019-06-04 19:16:58 ----A---- C:\Windows\Ascd_tmp.ini
2019-06-04 19:15:03 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\Identities
2019-06-04 19:14:59 ----SD---- C:\Users\PC-Hlavni\AppData\Roaming\Microsoft
2019-06-04 19:14:59 ----D---- C:\Users\PC-Hlavni\AppData\Roaming\Media Center Programs
2019-06-04 19:14:56 ----SHD---- C:\Recovery
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Šablony
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Plocha
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Oblíbené položky
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Nabídka Start
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Dokumenty
2019-06-04 19:14:56 ----SHD---- C:\ProgramData\Data aplikací
2019-06-04 19:14:54 ----D---- C:\Windows\SoftwareDistribution
2019-06-04 19:08:54 ----D---- C:\Windows\Prefetch
2019-06-04 19:08:45 ----SHD---- C:\System Volume Information
2019-06-04 19:08:45 ----ASH---- C:\pagefile.sys
2019-06-04 19:08:45 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 month======

2019-06-09 12:04:44 ----D---- C:\Windows\Temp
2019-06-09 12:03:40 ----D---- C:\Windows\inf
2019-06-09 12:03:40 ----D---- C:\Windows
2019-06-09 12:02:33 ----RD---- C:\Program Files
2019-06-09 12:01:37 ----D---- C:\Windows\system32\config
2019-06-09 11:57:35 ----D---- C:\Windows\System32
2019-06-09 11:57:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-06-08 22:40:52 ----D---- C:\Windows\Logs
2019-06-08 22:40:52 ----D---- C:\Windows\debug
2019-06-08 22:40:02 ----D---- C:\Windows\system32\Tasks
2019-06-08 22:24:42 ----D---- C:\Windows\SysWOW64
2019-06-08 22:10:59 ----RD---- C:\Program Files (x86)
2019-06-08 22:01:41 ----D---- C:\Windows\system32\drivers
2019-06-08 22:01:36 ----HD---- C:\ProgramData
2019-06-08 22:00:27 ----D---- C:\Windows\system32\catroot
2019-06-08 21:59:40 ----D---- C:\Windows\system32\DriverStore
2019-06-08 13:18:20 ----D---- C:\Windows\system32\FxsTmp
2019-06-07 18:40:21 ----D---- C:\Windows\rescache
2019-06-07 17:35:30 ----D---- C:\Windows\Microsoft.NET
2019-06-06 20:24:18 ----D---- C:\Windows\AppCompat
2019-06-05 20:27:19 ----D---- C:\Windows\winsxs
2019-06-05 20:26:28 ----D---- C:\Windows\SYSWOW64\en-US
2019-06-05 20:26:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-06-05 20:26:28 ----D---- C:\Windows\system32\en-US
2019-06-05 20:26:28 ----D---- C:\Windows\system32\cs-CZ
2019-06-05 20:26:28 ----D---- C:\Program Files\Internet Explorer
2019-06-05 20:26:27 ----D---- C:\Program Files (x86)\Internet Explorer
2019-06-05 20:25:12 ----D---- C:\Windows\system32\catroot2
2019-06-05 20:21:33 ----RSD---- C:\Windows\assembly
2019-06-05 20:08:56 ----D---- C:\Windows\system32\NDF
2019-06-05 18:27:49 ----D---- C:\Program Files\Windows Media Player
2019-06-05 18:27:49 ----D---- C:\Program Files\DVD Maker
2019-06-05 18:27:48 ----D---- C:\Windows\SYSWOW64\Setup
2019-06-05 18:27:48 ----D---- C:\Windows\SYSWOW64\migwiz
2019-06-05 18:27:48 ----D---- C:\Windows\SYSWOW64\migration
2019-06-05 18:27:48 ----D---- C:\Windows\SYSWOW64\Dism
2019-06-05 18:27:48 ----D---- C:\Windows\ehome
2019-06-05 18:27:48 ----D---- C:\Program Files (x86)\Windows Media Player
2019-06-05 18:27:47 ----D---- C:\Windows\system32\wbem
2019-06-05 18:27:47 ----D---- C:\Windows\system32\Setup
2019-06-05 18:27:47 ----D---- C:\Windows\system32\migwiz
2019-06-05 18:27:47 ----D---- C:\Windows\system32\migration
2019-06-05 18:27:47 ----D---- C:\Windows\system32\drivers\en-US
2019-06-05 18:27:47 ----D---- C:\Windows\system32\drivers\cs-CZ
2019-06-05 18:27:47 ----D---- C:\Windows\system32\Dism
2019-06-05 18:27:47 ----D---- C:\Windows\PolicyDefinitions
2019-06-05 18:27:46 ----RSD---- C:\Windows\Fonts
2019-06-05 18:27:46 ----D---- C:\Windows\AppPatch
2019-06-05 18:27:45 ----D---- C:\Windows\system32\Boot
2019-06-05 17:50:30 ----D---- C:\Program Files (x86)\Common Files
2019-06-05 09:30:53 ----D---- C:\Windows\system32\drivers\UMDF
2019-06-04 23:36:13 ----D---- C:\Program Files\Common Files\System
2019-06-04 23:36:11 ----D---- C:\Windows\SYSWOW64\wbem
2019-06-04 23:36:09 ----D---- C:\Windows\system32\AdvancedInstallers
2019-06-04 23:36:07 ----D---- C:\Windows\system32\CodeIntegrity
2019-06-04 23:36:06 ----D---- C:\Windows\tracing
2019-06-04 23:36:06 ----D---- C:\Program Files\Windows Defender
2019-06-04 23:36:06 ----D---- C:\Program Files (x86)\Windows Defender
2019-06-04 23:36:05 ----D---- C:\Windows\ShellNew
2019-06-04 23:36:04 ----SD---- C:\ProgramData\Microsoft
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\zh-TW
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\zh-HK
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\zh-CN
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\tr-TR
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\sv-SE
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\ru-RU
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\pt-PT
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\pt-BR
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\pl-PL
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\nl-NL
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\ko-KR
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\ja-JP
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\it-IT
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\hu-HU
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\fr-FR
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\fi-FI
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\es-ES
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\el-GR
2019-06-04 23:36:00 ----D---- C:\Windows\SYSWOW64\de-DE
2019-06-04 23:35:59 ----D---- C:\Windows\SYSWOW64\nb-NO
2019-06-04 23:35:59 ----D---- C:\Windows\SYSWOW64\da-DK
2019-06-04 23:35:59 ----D---- C:\Windows\system32\zh-TW
2019-06-04 23:35:59 ----D---- C:\Windows\system32\zh-HK
2019-06-04 23:35:59 ----D---- C:\Windows\system32\zh-CN
2019-06-04 23:35:59 ----D---- C:\Windows\system32\tr-TR
2019-06-04 23:35:59 ----D---- C:\Windows\system32\sv-SE
2019-06-04 23:35:59 ----D---- C:\Windows\system32\ru-RU
2019-06-04 23:35:59 ----D---- C:\Windows\system32\pt-PT
2019-06-04 23:35:59 ----D---- C:\Windows\system32\pt-BR
2019-06-04 23:35:59 ----D---- C:\Windows\system32\pl-PL
2019-06-04 23:35:59 ----D---- C:\Windows\system32\nl-NL
2019-06-04 23:35:59 ----D---- C:\Windows\system32\nb-NO
2019-06-04 23:35:59 ----D---- C:\Windows\system32\ko-KR
2019-06-04 23:35:59 ----D---- C:\Windows\system32\ja-JP
2019-06-04 23:35:59 ----D---- C:\Windows\system32\it-IT
2019-06-04 23:35:59 ----D---- C:\Windows\system32\hu-HU
2019-06-04 23:35:59 ----D---- C:\Windows\system32\fr-FR
2019-06-04 23:35:59 ----D---- C:\Windows\system32\fi-FI
2019-06-04 23:35:59 ----D---- C:\Windows\system32\es-ES
2019-06-04 23:35:59 ----D---- C:\Windows\system32\el-GR
2019-06-04 23:35:59 ----D---- C:\Windows\system32\de-DE
2019-06-04 23:35:59 ----D---- C:\Windows\system32\da-DK
2019-06-04 21:19:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2019-06-04 19:19:05 ----D---- C:\Windows\system32\restore
2019-06-04 19:16:57 ----D---- C:\Windows\SYSWOW64\drivers
2019-06-04 19:15:02 ----SHD---- C:\$Recycle.Bin
2019-06-04 19:14:59 ----RD---- C:\Users
2019-06-04 19:14:56 ----D---- C:\Program Files\Windows NT
2019-06-04 19:11:01 ----D---- C:\Windows\system32\sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2019-04-05 107744]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-04-05 145600]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-04-05 188240]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2019-04-05 82472]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2019-04-05 61152]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-04-05 110000]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2019-04-05 50280]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-11 10248192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-11 367616]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-08-07 4102928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-11 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-11 361984]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2019-04-05 2359312]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2019-04-05 2359312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-06-04 154920]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe [2019-05-21 1267696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-06-04 154920]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-05-17 116224]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 161472]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2019-06-04 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Preventivni kontrola - tmczech

Napsal: 09 čer 2019 15:36
od Conder
:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
:arrow: Nasledne poprosim rovno aj o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Preventivni kontrola - tmczech

Napsal: 13 čer 2019 19:22
od tmczech
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-13-2019
# Duration: 00:00:00
# OS: Windows 7 Home Premium
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1257 octets] - [13/06/2019 20:20:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Preventivni kontrola - tmczech

Napsal: 13 čer 2019 21:04
od Conder
:arrow: OK, poprosim o obidva logy z FRST - https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Preventivni kontrola - tmczech

Napsal: 18 čer 2019 19:31
od tmczech
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by PC-Hlavni (18-06-2019 20:15:40)
Running from C:\Users\PC-Hlavni\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-06-04 17:14:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1906271199-2624928685-575406661-500 - Administrator - Disabled)
Guest (S-1-5-21-1906271199-2624928685-575406661-501 - Limited - Disabled)
PC-Hlavni (S-1-5-21-1906271199-2624928685-575406661-1000 - Administrator - Enabled) => C:\Users\PC-Hlavni

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HydraVision (HKLM-x32\...\{20E0DE70-8644-F1C6-7E00-04EEB9195B14}) (Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.0 - Mozilla)
Mozilla Thunderbird 60.7.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.7.0 (x86 cs)) (Version: 60.7.0 - Mozilla)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7 - VideoLAN)
Zoner Photo Studio 14 (HKLM\...\ZonerPhotoStudio14_CZ_is1) (Version: 14.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-06-11] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2009-01-20 14:51 - 2009-01-20 14:51 - 000007168 _____ ( ) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2012-05-04 16:42 - 2012-05-04 16:42 - 000430080 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-04 16:42 - 2012-05-04 16:42 - 000032768 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000369152 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000090112 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 000677376 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000212480 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000103424 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 003642880 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000005120 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Audio.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000039936 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000029696 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000254464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000441344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000111104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000237568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000110592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000256512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000100864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 002510848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000110592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000097280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 001260032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000172032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 001007616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000071168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000046080 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.HydraVision.Aspects.Runtime.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2012-06-11 12:44 - 2012-06-11 12:44 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 001395200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000413696 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000307200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2012-06-11 12:40 - 2012-06-11 12:40 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-01-25 15:32 - 2012-01-25 15:32 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2012-06-11 12:41 - 2012-06-11 12:41 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000097280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-05-15 00:21 - 2012-05-15 00:21 - 000146944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000066048 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000393216 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2012-06-11 12:42 - 2012-06-11 12:42 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 001406464 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2012-06-11 12:45 - 2012-06-11 12:45 - 000139776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000380928 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2007-05-02 17:44 - 2007-05-02 17:44 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
2007-08-09 16:58 - 2007-08-09 16:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 12:04 - 2008-12-30 12:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-12-08 07:49 - 2009-12-08 07:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2010-10-07 13:07 - 2010-10-07 13:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-05 14:18 - 2010-11-05 14:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000331776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.cs_Localization.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000477696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2012-06-11 12:43 - 2012-06-11 12:43 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000361984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2012-06-11 12:45 - 2012-06-11 12:45 - 000028160 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000311296 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-06-11 12:41 - 2012-06-11 12:41 - 000192512 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2012-06-11 12:46 - 2012-06-11 12:46 - 000393216 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
2012-06-11 12:47 - 2012-06-11 12:47 - 000282624 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
2012-06-11 12:46 - 2012-06-11 12:46 - 000217088 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2012-06-11 12:46 - 2012-06-11 12:46 - 000242688 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2012-06-11 13:12 - 2012-06-11 13:12 - 000037376 _____ (AMD) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2012-04-09 17:13 - 2012-04-09 17:13 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2010-03-04 01:27 - 2010-03-04 01:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-1906271199-2624928685-575406661-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC-Hlavni\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{779E1155-BAC2-46F5-8A52-3A7F8EA9B96C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

09-06-2019 11:50:17 Windows Update
11-06-2019 21:34:50 Windows Update
11-06-2019 22:55:56 Windows Update
15-06-2019 13:22:13 Windows Update
18-06-2019 20:06:05 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2019 08:05:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/17/2019 09:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x4fd626ed
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x760
Čas spuštění chybující aplikace: 0x01d5253a39d944c1
Cesta k chybující aplikaci: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Cesta k chybujícímu modulu: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
ID zprávy: a9781036-9136-11e9-940d-60a44c639dd7

Error: (06/17/2019 08:28:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/17/2019 04:30:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x4fd626ed
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x778
Čas spuštění chybující aplikace: 0x01d52515e13b43ea
Cesta k chybující aplikaci: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Cesta k chybujícímu modulu: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
ID zprávy: 67d4ea3d-910c-11e9-941e-60a44c639dd7

Error: (06/17/2019 04:08:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/17/2019 01:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x4fd626ed
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0x01d524e525563988
Cesta k chybující aplikaci: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Cesta k chybujícímu modulu: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
ID zprávy: 69c90303-90f5-11e9-93fa-60a44c639dd7

Error: (06/17/2019 10:19:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/16/2019 09:56:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x4fd626ed
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x744
Čas spuštění chybující aplikace: 0x01d5246d96b63681
Cesta k chybující aplikaci: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Cesta k chybujícímu modulu: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
ID zprávy: db27aa0c-9070-11e9-9aa1-60a44c639dd7


System errors:
=============
Error: (06/18/2019 08:06:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB915597 (definice 1.295.809.0).

Error: (06/17/2019 09:32:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2019 09:19:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB915597 (definice 1.295.809.0).

Error: (06/17/2019 09:19:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB915597 (definice 1.295.809.0).

Error: (06/17/2019 04:30:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2019 01:45:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/17/2019 11:23:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Aktualizace definic pro Windows Defender Antivirus - KB915597 (definice 1.295.809.0).

Error: (06/16/2019 09:56:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-06-18 20:10:59.117
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-18 20:06:14.119
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-18 20:05:57.255
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-17 21:19:13.149
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2019-06-17 21:18:40.343
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16000.6
Předchozí verze modulu:1.1.6402.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-06-04 22:07:27.083
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-04 22:07:27.083
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1503 01/11/2013
Motherboard: ASUSTeK COMPUTER INC. SABERTOOTH 990FX R2.0
Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 8090.95 MB
Available physical RAM: 4865.08 MB
Total Virtual: 16180.04 MB
Available Virtual: 12883.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.57 GB) (Free:64.92 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:48.83 GB) (Free:34.75 GB) NTFS
Drive e: (DATA) (Fixed) (Total:882.58 GB) (Free:377.95 GB) NTFS

\\?\Volume{309e4e60-87a7-11e9-b41f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9BCB0B1B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=882.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 9BCB0B13)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Preventivni kontrola - tmczech

Napsal: 18 čer 2019 21:53
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-1906271199-2624928685-575406661-1000\...\MountPoints2: {65f45a42-86eb-11e9-b20f-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1906271199-2624928685-575406661-1000\...\MountPoints2: {96d8f20f-86f5-11e9-9608-60a44c639dd7} - K:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-06-09 12:02 - 2019-06-09 12:04 - 000000000 ____D C:\Program Files\trend micro
2019-06-09 12:02 - 2019-06-09 12:02 - 000000000 ____D C:\rsit

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz