Prosím o kontrolu Logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 21 lis 2016 09:49

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
c:\windows\Tasks\Adobe Flash Player Updater.job

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Vlož nový log z HJT + informuj o problémech.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Reklama
Top
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 17:55

Bohužel jsem nikde nenašel jak vypnout "COMODO DEFENSE +"
Zde log z ComboFixu

ComboFix 16-11-13.01 - Michal 21.11.2016 17:41:41.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3983.2210 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michal\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-10-21 do 2016-11-21 )))))))))))))))))))))))))))))))
.
.
2016-11-21 16:46 . 2016-11-21 16:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-20 23:00 . 2016-11-20 23:00 -------- d-----w- c:\windows\SysWow64\Microsoft
2016-11-20 23:00 . 2016-11-20 23:00 -------- d-----w- c:\program files (x86)\FoxPDF Software Inc
2016-11-20 22:55 . 2016-11-20 22:55 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2016-11-20 20:32 . 2016-11-20 20:32 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-20 20:32 . 2016-11-20 20:32 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-11-20 19:14 . 2016-11-20 19:14 -------- d-----w- C:\VTRoot
2016-11-16 06:12 . 2016-11-16 05:42 24064 ----a-w- c:\windows\zoek-delete.exe
2016-11-16 05:42 . 2016-11-16 06:05 -------- d-----w- C:\zoek_backup
2016-11-15 17:37 . 2016-11-15 22:05 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-11-15 17:35 . 2016-11-15 17:36 -------- d-----w- c:\programdata\RogueKiller
2016-11-15 16:43 . 2016-11-15 16:43 -------- d-----w- c:\programdata\Sophos
2016-11-14 18:15 . 2016-11-14 18:15 -------- d-----w- c:\windows\ehome
2016-11-14 18:15 . 2016-11-14 18:15 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2016-11-14 18:15 . 2016-11-14 18:15 -------- d-----r- c:\users\Public\Recorded TV
2016-11-14 18:02 . 2016-11-14 18:02 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-11-14 17:20 . 2016-11-15 21:58 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-11-14 17:20 . 2016-11-14 17:20 -------- d-----w- c:\programdata\Malwarebytes
2016-11-14 15:13 . 2016-11-14 17:31 -------- d-----w- C:\AdwCleaner
2016-11-14 14:27 . 2016-11-14 14:27 -------- d-----w- c:\program files\CPUID
2016-11-13 18:15 . 2016-11-13 18:15 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-11-13 17:56 . 2016-11-13 17:57 -------- d-----w- c:\windows\system32\MRT
2016-11-13 17:50 . 2016-11-13 17:50 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2016-11-13 17:50 . 2016-11-13 17:50 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2016-11-13 17:50 . 2016-11-13 17:50 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-11-13 17:50 . 2016-11-13 17:50 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2016-11-13 17:50 . 2016-11-13 17:50 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2016-11-13 17:50 . 2016-11-13 17:50 243200 ----a-w- c:\windows\system32\rdpudd.dll
2016-11-13 17:50 . 2016-11-13 17:50 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-11-13 17:39 . 2016-03-17 22:56 2084864 ----a-w- c:\windows\system32\ole32.dll
2016-11-13 17:39 . 2016-03-17 22:28 1414144 ----a-w- c:\windows\SysWow64\ole32.dll
2016-11-13 17:39 . 2016-01-22 06:18 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-11-13 17:39 . 2016-01-22 06:18 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-11-13 17:39 . 2016-01-22 06:04 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-11-13 17:39 . 2016-01-22 06:04 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-11-13 17:37 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-11-13 17:28 . 2016-11-13 17:28 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-11-13 17:28 . 2016-11-13 17:28 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-11-13 17:28 . 2016-11-13 17:28 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-11-13 17:28 . 2016-11-13 17:28 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-11-13 17:28 . 2016-11-13 17:28 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-11-13 17:28 . 2016-11-13 17:28 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-11-13 17:28 . 2016-11-13 17:28 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-11-13 17:28 . 2016-11-13 17:28 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-11-13 17:28 . 2016-11-13 17:28 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2016-11-13 17:17 . 2016-11-21 16:45 -------- d-----r- c:\program files (x86)\Skype
2016-11-13 17:17 . 2016-11-13 17:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-11-13 17:17 . 2016-11-13 17:17 -------- d-----w- c:\programdata\Skype
2016-11-13 17:10 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-11-13 17:10 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-13 16:58 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2016-11-13 16:58 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2016-11-13 16:58 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2016-11-13 16:54 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2016-11-13 16:54 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2016-11-13 16:54 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2016-11-13 16:54 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2016-11-13 16:54 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2016-11-13 16:54 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2016-11-13 16:54 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2016-11-13 16:54 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2016-11-13 16:52 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2016-11-13 16:51 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2016-11-13 16:50 . 2016-11-13 16:50 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2016-11-13 16:45 . 2016-11-13 16:45 331776 ----a-w- c:\windows\system32\oleacc.dll
2016-11-13 16:45 . 2016-11-13 16:45 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2016-11-13 16:33 . 2016-11-13 16:33 -------- d-----w- c:\windows\SysWow64\Wat
2016-11-13 16:33 . 2016-11-13 16:33 -------- d-----w- c:\windows\system32\Wat
2016-11-13 16:27 . 2016-11-13 16:27 9728 ----a-w- c:\windows\system32\Wdfres.dll
2016-11-13 16:27 . 2016-11-13 16:27 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2016-11-13 16:27 . 2016-11-13 16:27 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2016-11-13 16:23 . 2016-11-13 16:23 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-11-13 16:23 . 2016-11-13 16:23 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-11-13 16:23 . 2016-11-13 16:23 744448 ----a-w- c:\windows\system32\WUDFx.dll
2016-11-13 16:23 . 2016-11-13 16:23 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-11-13 16:23 . 2016-11-13 16:23 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2016-11-13 16:23 . 2016-11-13 16:23 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-11-13 16:23 . 2016-11-13 16:23 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-11-13 16:16 . 2016-11-13 16:16 634432 ----a-w- c:\windows\system32\winload.exe
2016-11-13 16:16 . 2016-11-13 16:16 546656 ----a-w- c:\windows\system32\winresume.exe
2016-11-13 16:16 . 2016-11-13 16:16 457400 ----a-w- c:\windows\system32\ci.dll
2016-11-13 16:16 . 2016-11-13 16:16 286720 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2016-11-13 16:16 . 2016-11-13 16:16 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-11-13 16:16 . 2016-11-13 16:16 156672 ----a-w- c:\windows\system32\mtxoci.dll
2016-11-13 16:16 . 2016-11-13 16:16 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-11-13 16:16 . 2016-11-13 16:16 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2016-11-13 16:16 . 2016-11-13 16:16 879104 ----a-w- c:\windows\system32\tdh.dll
2016-11-13 16:16 . 2016-11-13 16:16 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-11-13 16:13 . 2016-11-13 16:13 199680 ----a-w- c:\windows\system32\xmllite.dll
2016-11-13 16:12 . 2016-11-13 16:12 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2016-11-13 16:11 . 2016-11-13 16:11 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2016-11-13 16:11 . 2016-11-13 16:11 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2016-11-13 16:11 . 2016-11-13 16:11 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll
2016-11-13 16:11 . 2016-11-13 16:11 2048 ----a-w- c:\windows\system32\iologmsg.dll
2016-11-13 16:11 . 2016-11-13 16:11 190912 ----a-w- c:\windows\system32\drivers\storport.sys
2016-11-13 16:08 . 2016-11-13 16:08 197120 ----a-w- c:\windows\system32\shdocvw.dll
2016-11-13 16:06 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-11-13 16:06 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-11-13 16:06 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-11-13 16:06 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-11-13 16:06 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-11-13 16:06 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-11-13 16:06 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-11-13 15:59 . 2016-11-13 15:59 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2016-11-13 15:59 . 2016-11-13 15:59 70144 ----a-w- c:\windows\system32\appinfo.dll
2016-11-13 15:59 . 2016-11-13 15:59 504320 ----a-w- c:\windows\system32\msihnd.dll
2016-11-13 15:59 . 2016-11-13 15:59 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2016-11-13 15:59 . 2016-11-13 15:59 3243520 ----a-w- c:\windows\system32\msi.dll
2016-11-13 15:59 . 2016-11-13 15:59 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2016-11-13 15:59 . 2016-11-13 15:59 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-11-13 15:59 . 2016-11-13 15:59 2365440 ----a-w- c:\windows\SysWow64\msi.dll
2016-11-13 15:59 . 2016-11-13 15:59 128000 ----a-w- c:\windows\system32\msiexec.exe
2016-11-13 15:59 . 2016-11-13 15:59 114408 ----a-w- c:\windows\system32\consent.exe
2016-11-13 15:47 . 2016-11-13 15:47 -------- d-----w- c:\windows\Migration
2016-11-13 15:47 . 2016-11-13 15:47 -------- d-----w- c:\program files (x86)\Microsoft.NET
2016-11-13 15:36 . 2016-11-13 15:36 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-11-13 15:36 . 2016-11-13 15:36 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-11-13 03:13 . 2016-11-13 03:13 -------- d-----w- c:\program files (x86)\VideoLAN
2016-11-12 21:39 . 2016-11-12 21:39 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-11-12 21:39 . 2016-11-12 21:39 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-11-12 21:38 . 2016-11-12 21:38 -------- d-----w- c:\programdata\Oracle
2016-11-12 21:38 . 2016-11-12 21:38 -------- d-----w- c:\program files\Java
2016-11-11 13:51 . 2016-11-11 13:51 -------- d-----w- c:\windows\CheckSur
2016-11-10 15:47 . 2016-11-13 15:50 96752 ----a-w- c:\windows\SysWow64\OpenCL.DLL
2016-11-10 15:47 . 2016-11-13 15:50 92648 ----a-w- c:\windows\system32\OpenCL.DLL
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-13 18:10 . 2016-11-13 18:10 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-11-13 18:10 . 2016-11-13 18:10 243200 ----a-w- c:\windows\system32\webcheck.dll
2016-11-13 16:15 . 2016-11-13 16:15 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2016-11-13 16:15 . 2016-11-13 16:15 113664 ----a-w- c:\windows\system32\sechost.dll
2016-11-13 15:50 . 2015-08-09 03:52 1299392 ----a-w- c:\windows\system32\igdmd64.dll
2016-11-13 15:50 . 2015-08-09 03:52 1039488 ----a-w- c:\windows\SysWow64\igdmd32.dll
2016-11-13 15:50 . 2015-08-09 03:50 13824 ----a-w- c:\windows\system32\igfxLHMLib.dll
2016-11-13 15:50 . 2015-08-09 03:50 1379328 ----a-w- c:\windows\system32\igfxcmjit64.dll
2016-11-13 15:50 . 2015-08-09 03:50 1073152 ----a-w- c:\windows\SysWow64\igfxcmjit32.dll
2016-11-13 15:50 . 2015-08-09 03:50 224240 ----a-w- c:\windows\system32\igfx11cmrt64.dll
2016-11-13 15:50 . 2015-08-09 03:50 200704 ----a-w- c:\windows\system32\igdde64.dll
2016-11-13 15:50 . 2015-08-09 03:50 189416 ----a-w- c:\windows\SysWow64\igfx11cmrt32.dll
2016-11-13 15:50 . 2015-08-09 03:50 161792 ----a-w- c:\windows\SysWow64\igdde32.dll
2016-11-13 15:50 . 2015-08-09 03:50 634352 ----a-w- c:\windows\system32\MetroIntelGenericUIFramework.dll
2016-11-13 15:50 . 2015-08-09 03:50 44032 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2016-11-13 15:50 . 2015-08-09 03:52 25076864 ----a-w- c:\windows\system32\igdumdim64.dll
2016-11-13 15:50 . 2015-08-09 03:52 24270600 ----a-w- c:\windows\SysWow64\igdumdim32.dll
2016-11-13 15:50 . 2015-08-09 03:52 17493192 ----a-w- c:\windows\SysWow64\igd11dxva32.dll
2016-11-13 15:50 . 2015-08-09 03:52 8723000 ----a-w- c:\windows\SysWow64\igd10iumd32.dll
2016-11-13 15:50 . 2015-08-09 03:52 295568 ----a-w- c:\windows\system32\igd10idpp64.dll
2016-11-13 15:50 . 2015-08-09 03:52 275816 ----a-w- c:\windows\SysWow64\igd10idpp32.dll
2016-11-13 15:50 . 2015-08-09 03:52 225488 ----a-w- c:\windows\system32\igfxcmrt64.dll
2016-11-13 15:50 . 2015-08-09 03:52 190640 ----a-w- c:\windows\SysWow64\igfxcmrt32.dll
2016-11-13 15:50 . 2015-08-09 03:52 17973744 ----a-w- c:\windows\system32\igd11dxva64.dll
2016-11-13 15:50 . 2015-08-09 03:50 71152 ----a-w- c:\windows\system32\igfxDHLib.dll
2016-11-13 15:50 . 2015-08-09 03:50 19968 ----a-w- c:\windows\system32\igfxDILib.dll
2016-11-13 15:50 . 2015-08-09 03:50 18944 ----a-w- c:\windows\system32\igfxEMLib.dll
2016-11-13 15:50 . 2015-08-09 03:52 1425032 ----a-w- c:\windows\system32\iglhsip64.dll
2016-11-13 15:50 . 2015-08-09 03:52 1421904 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2016-11-13 15:50 . 2015-08-09 03:52 47472 ----a-w- c:\windows\system32\igfxexps.dll
2016-11-13 15:50 . 2015-08-09 03:50 240128 ----a-w- c:\windows\system32\igfxDTCM.dll
2016-11-13 15:50 . 2015-08-09 03:50 13824 ----a-w- c:\windows\system32\igfxLHMLibv2_0.dll
2016-11-13 15:50 . 2015-08-09 03:50 380928 ----a-w- c:\windows\system32\IntelOpenCL64.dll
2016-11-13 15:50 . 2015-08-09 03:50 314352 ----a-w- c:\windows\SysWow64\IntelOpenCL32.dll
2016-11-13 15:50 . 2015-08-09 03:50 1139712 ----a-w- c:\windows\system32\GfxResources.dll
2016-11-13 15:50 . 2015-08-09 03:52 232832 ----a-w- c:\windows\system32\iglhcp64.dll
2016-11-13 15:50 . 2015-08-09 03:52 196392 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2016-11-13 15:50 . 2015-08-09 03:52 4929056 ----a-w- c:\windows\SysWow64\igdusc32.dll
2016-11-13 15:50 . 2015-08-09 03:50 96752 ----a-w- c:\windows\SysWow64\Intel_OpenCL_ICD32.dll
2016-11-13 15:50 . 2015-08-09 03:50 92648 ----a-w- c:\windows\system32\Intel_OpenCL_ICD64.dll
2016-11-13 15:50 . 2015-08-09 03:50 82432 ----a-w- c:\windows\system32\igfxDHLibv2_0.dll
2016-11-13 15:50 . 2015-08-09 03:50 395248 ----a-w- c:\windows\system32\igfxOSP.dll
2016-11-13 15:50 . 2015-08-09 03:50 3335664 ----a-w- c:\windows\SysWow64\igdrcl32.dll
2016-11-13 15:50 . 2015-08-09 03:50 266224 ----a-w- c:\windows\system32\igfxCPL.cpl
2016-11-13 15:50 . 2015-08-09 03:50 20976 ----a-w- c:\windows\system32\igfxDILibv2_0.dll
2016-11-13 15:50 . 2015-08-09 03:50 192000 ----a-w- c:\windows\system32\igfxCoIn_v4264.dll
2016-11-13 15:50 . 2015-08-09 03:50 18944 ----a-w- c:\windows\system32\igfxEMLibv2_0.dll
2016-11-13 15:50 . 2015-08-09 03:50 15989760 ----a-w- c:\windows\system32\igdfcl64.dll
2016-11-13 15:50 . 2015-08-09 03:50 9562096 ----a-w- c:\windows\system32\ig75icd64.dll
2016-11-13 15:50 . 2015-08-09 03:50 7529968 ----a-w- c:\windows\SysWow64\ig75icd32.dll
2016-11-13 15:50 . 2015-08-09 03:50 4928256 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2016-11-13 15:50 . 2015-08-09 03:50 434176 ----a-w- c:\windows\system32\igdbcl64.dll
2016-11-13 15:50 . 2015-08-09 03:50 3599360 ----a-w- c:\windows\system32\igdrcl64.dll
2016-11-13 15:50 . 2015-08-09 03:50 178688 ----a-w- c:\windows\system32\igdail64.dll
2016-11-13 15:50 . 2015-08-09 03:50 162280 ----a-w- c:\windows\SysWow64\igdail32.dll
2016-11-13 15:50 . 2015-08-09 03:50 102912 ----a-w- c:\windows\system32\IccLibDll_x64.dll
2016-11-13 15:50 . 2015-08-09 03:50 95232 ----a-w- c:\windows\system32\igfxCUIServicePS.dll
2016-11-13 15:50 . 2015-08-09 03:50 10860544 ----a-w- c:\windows\SysWow64\igdfcl32.dll
2016-11-13 15:50 . 2015-08-09 03:50 382976 ----a-w- c:\windows\SysWow64\igdbcl32.dll
2016-11-13 15:50 . 2015-08-09 03:50 288688 ----a-w- c:\windows\SysWow64\IntelCpHeciSvc.exe
2016-11-13 15:50 . 2015-08-09 03:50 228264 ----a-w- c:\windows\system32\igfxext.exe
2016-11-13 15:50 . 2015-08-09 03:50 459160 ----a-w- c:\windows\system32\GfxUIEx.exe
2016-11-13 15:50 . 2015-08-09 03:50 349600 ----a-w- c:\windows\system32\DPTopologyAppv2_0.exe
2016-11-13 15:50 . 2015-08-09 03:50 1047960 ----a-w- c:\windows\system32\Gfxv4_0.exe
2016-11-13 15:50 . 2015-08-09 03:50 1044896 ----a-w- c:\windows\system32\Gfxv2_0.exe
2016-11-13 15:50 . 2015-08-09 03:50 350112 ----a-w- c:\windows\system32\DPTopologyApp.exe
2016-11-13 15:50 . 2015-08-09 03:50 167328 ----a-w- c:\windows\system32\difx64.exe
2016-11-13 15:50 . 2009-07-13 23:38 30208 ----a-w- c:\windows\system32\drivers\monitor.sys
2016-11-13 15:46 . 2013-01-11 18:02 64624 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2016-10-10 15:33 . 2016-11-13 17:38 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-10-10 15:16 . 2016-11-13 17:38 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-10-07 15:12 . 2016-11-13 17:38 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-09-14 23:07 . 2016-09-14 23:07 51800 ----a-w- c:\windows\system32\cmdcsr.dll
2016-09-14 23:07 . 2016-09-14 23:07 642976 ----a-w- c:\windows\SysWow64\guard32.dll
2016-09-14 23:07 . 2016-09-14 23:07 813824 ----a-w- c:\windows\system32\guard64.dll
2016-09-14 23:05 . 2016-09-14 23:05 365752 ----a-w- c:\windows\system32\cmdvrt64.dll
2016-09-14 23:04 . 2016-09-14 23:04 51896 ----a-w- c:\windows\system32\cmdkbd64.dll
2016-09-14 23:02 . 2016-09-14 23:02 296120 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2016-09-14 23:01 . 2016-09-14 23:01 46776 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2016-08-31 11:49 . 2016-08-31 11:49 116248 ----a-w- c:\windows\system32\drivers\inspect.sys
2016-08-31 11:49 . 2016-08-31 11:49 56976 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2016-08-31 11:49 . 2016-08-31 11:49 830624 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2016-08-31 11:49 . 2016-08-31 11:49 31648 ----a-w- c:\windows\system32\drivers\cmderd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-11-12 587288]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2016-10-01 1156824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2016-09-14 1610936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xv05xdbc.default\
FF - prefs.js: browser.startup.homepage - seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Celkový čas: 2016-11-21 17:50:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-11-21 16:50
ComboFix2.txt 2016-11-20 19:40
ComboFix3.txt 2016-11-20 19:29
.
Před spuštěním: Volných bajtů: 953 467 154 432
Po spuštění: Volných bajtů: 953 005 395 968
.
- - End Of File - - 3EDF412F1B4A0ECA20E7DFFC96EE2B2F
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 18:09

Log z HJT pc běží krásně rychle jen ta rychlost internetu stále blbne neni možné že by to dělal ted "comodo defender+"?

Zemana AntiMalware 2.60.2.1 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016.11.21
Operating System : Windows 7 64-bit
Processor : 4X Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
BIOS Mode : Legacy
CUID : 12AF680D4EA8FEF77C2456
Scan Type : Smart Scan
Duration : 2m 55s
Scanned Objects : 24680
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

No threats detected

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:27, on 21.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Users\Michal\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 5424 bytes
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 21 lis 2016 18:50

Možná , někde to přeci jde vypnout.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"


Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 20:20

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
Ran by Michal (21-11-2016 20:16:13)
Running from C:\Users\Michal\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-11-10 14:59:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4257771679-899889950-1384008878-500 - Administrator - Disabled)
Guest (S-1-5-21-4257771679-899889950-1384008878-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4257771679-899889950-1384008878-1002 - Limited - Enabled)
Michal (S-1-5-21-4257771679-899889950-1384008878-1000 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
COMODO Antivirus (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 8.4.0.5165 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Innkeeper (HKU\S-1-5-21-4257771679-899889950-1384008878-1000\...\Innkeeper) (Version: 0.3.1 - Curse Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Mozilla Firefox 49.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 49.0.2 (x64 cs)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla)
PPTX Viewer 2.0 (HKLM-x32\...\PPTX Viewer 2.0) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.103 - Skype Technologies S.A.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4257771679-899889950-1384008878-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09AE01F5-4E32-4442-AF47-116A1076E956} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {0A6D3A30-E25A-42EB-9B97-F9D614D6F66F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {17D1F464-3E11-49CD-904E-B6BC7E711717} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {348FF565-A00F-417A-AC5A-38A9EE69EEC5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-20] (Adobe Systems Incorporated)
Task: {74293E4D-96A2-470E-9B22-0BE49C914C54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {BE9D6DC8-5ED4-4BE8-A266-199A68F72887} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)
Task: {C0F37661-3EA8-43FB-AC05-7343D5D19462} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-14] (COMODO)
Task: {CE41DBC6-AE08-4AAB-8425-6ADE8F3A0DCD} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-09-14] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-16 11:25 - 2016-03-16 11:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\zoek-delete.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\browcli.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\browser.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\charmap.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ci.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\credui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\cryptdlg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\CustomModeApp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\CustomModeAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10core.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\d3d10_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d10_1core.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\d3d11.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dhcpcore6.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dhcpcsvc6.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\difx64.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\DPTopologyApp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\DPTopologyAppv2_0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\gameux.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\GfxUIEx.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Gfxv2_0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Gfxv4_0.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\IccLibDll_x64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IEUDINIT.EXE:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v3540.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxCoIn_v4264.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxCUIService.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxEM.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxext.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\igfxHK.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\igfxTray.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\iologmsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\iphlpsvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDAZE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\KBDAZEL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kbdgeoqw.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kd1394.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kdcom.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\kdusb.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msdrm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msieftp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ncsi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\netapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\netcorehc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\netevent.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\nlaapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\oleacc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\packager.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RMActivate.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RMActivate_isv.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RMActivate_ssp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RMActivate_ssp_isv.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\rpcss.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\RtNicProp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\RTNUninst64.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc_isv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc_ssp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\secproc_ssp_isv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\shdocvw.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\SmartcardCredentialProvider.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\taskhost.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\timedate.cpl:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\TSWorkspace.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ucrtbase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\umpnpmgr.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Wdfres.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WindowsCodecsExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Wpc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\WUDFCoinstaller.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFPlatform.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\WUDFx.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\wwanprotdim.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\xmllite.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\XpsGdiConverter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\XpsPrint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\browcli.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cfgmgr32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\charmap.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\credui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cryptdlg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\cscript.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10core.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d10_1core.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3d11.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\devobj.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\devrtl.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\dhcpcore6.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\dhcpcsvc6.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\drvinst.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\gameux.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdfcl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\iologmsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZE.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\KBDAZEL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\kbdgeoqw.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msdrm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msieftp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\netapi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\netcorehc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\netevent.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\oleacc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\packager.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\RMActivate.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_isv.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_ssp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\RMActivate_ssp_isv.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\scrrun.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\secproc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\secproc_isv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\secproc_ssp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\secproc_ssp_isv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\shdocvw.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\SmartcardCredentialProvider.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\timedate.cpl:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\TSWorkspace.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecsExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\Wpc.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\xmllite.dll:$CmdTcID [130]
AlternateDataStreams: C:\Windows\SysWOW64\XpsGdiConverter.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\SysWOW64\XpsPrint.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\afd.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ataport.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\Diskdump.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\fvevol.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\HECIx64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\IntcDAud.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\monitor.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\msiscsi.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\netio.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\Rt64win7.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\srv.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\srv2.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\srvnet.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\storport.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpip.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tcpipreg.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [130]
AlternateDataStreams: C:\Windows\system32\Drivers\WdfLdr.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFPf.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\WUDFRd.sys:$CmdTcID [64]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-11-21 17:47 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4257771679-899889950-1384008878-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3EBAEB99-91F1-491D-9938-8A61CBE0AACB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8CDC9B22-73D3-437F-B76D-EF7EA0C4B48C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1325604C-3955-46D3-973E-D7795FE3B0B6}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{0BC0A704-F92F-4647-ABF4-425C76985F4E}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{34A322CA-503A-42E6-B61B-0D463F4DBD11}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{4333D502-5A7A-420C-AEED-4C3C315166B7}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{10A5FA51-EF37-4E19-8EEF-8C9174E920F4}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{96CC2C54-36BF-42C0-99A3-BFFBCF0C074E}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{6E7C8375-2451-4DFE-95CB-B06B77629443}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{A962591D-30DF-46DB-918A-F21478483BE3}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.admin.exe
FirewallRules: [{4EC0EB2D-8E81-4A02-92FC-A6E70ED52399}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcherUx.exe
FirewallRules: [{0504D79F-4E27-4BE1-B69F-E8C0D4FEDD3B}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcherUx.exe
FirewallRules: [{BC3B47C2-7228-40C7-B952-8AEF4FCF7891}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcherUx.exe
FirewallRules: [{D49896FA-E713-4A65-B383-0044C1931FCC}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcherUx.exe
FirewallRules: [{C83806A7-BEBA-4E3F-816F-4BE94140BE7B}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcher.exe
FirewallRules: [{FD40E733-47CB-4E6B-BF26-D8D523CA8E62}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcher.exe
FirewallRules: [{1BAED57B-2C46-46B8-B1FD-C3B905A8C9C4}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcher.exe
FirewallRules: [{C317AEBB-C9AF-4348-B099-815C714182D3}] => (Allow) C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.70\deploy\LoLPatcher.exe
FirewallRules: [{544D4532-4DE9-47CE-B381-A6F8272221D7}] => (Allow) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
FirewallRules: [{A1578897-CB35-4C93-A376-D9FB0EF8EA77}] => (Allow) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
FirewallRules: [{4679FD60-2EAD-4CBB-9B31-3579A2ECC0D8}] => (Allow) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
FirewallRules: [{B7878C2A-B36E-476C-A017-5ED1D88FAC00}] => (Allow) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
FirewallRules: [{8BF61E30-F785-4DD8-A69F-33D3BC341C00}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

13-11-2016 18:39:48 Windows Update
14-11-2016 15:25:59 Instalační služba modulů systému Windows
14-11-2016 19:14:38 Instalační služba modulů systému Windows
15-11-2016 17:39:00 Installed Sophos Virus Removal Tool.
15-11-2016 18:34:33 Removed Sophos Virus Removal Tool.
16-11-2016 06:43:52 zoek.exe restore point
20-11-2016 19:57:05 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/21/2016 08:07:34 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:34 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:34 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:34 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (11/21/2016 08:07:31 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:31 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/21/2016 08:07:31 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:31 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/21/2016 08:07:31 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

Error: (11/21/2016 08:07:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (2392) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00018.log došlo k chybě -1811.


System errors:
=============
Error: (11/21/2016 08:07:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/21/2016 08:07:34 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (11/21/2016 05:46:21 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/21/2016 05:46:17 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/21/2016 05:45:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/21/2016 05:45:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/21/2016 05:44:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/21/2016 05:41:24 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (11/20/2016 08:38:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/20/2016 08:36:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
Date: 2016-11-21 17:45:52.268
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-21 17:45:52.253
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-21 17:45:52.237
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-21 17:45:52.222
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-21 17:41:24.697
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-21 17:41:24.681
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 62%
Total physical RAM: 3983.25 MB
Available physical RAM: 1500.89 MB
Total Virtual: 7964.69 MB
Available Virtual: 5630.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:888.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E5AAFB26)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 20:22

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
Ran by Michal (administrator) on MICHAL-PC (21-11-2016 20:14:54)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-09-14] (COMODO)
HKLM-x32\...\Run: [Innkeeper] => C:\ProgramData\SquirrelMachineInstalls\Innkeeper.exe [44009352 2016-11-21] (Curse Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E7C8A1BC-08EC-43BB-9864-C043A69A97A2}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4257771679-899889950-1384008878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4257771679-899889950-1384008878-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-4257771679-899889950-1384008878-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-12] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-12] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xv05xdbc.default
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xv05xdbc.default [2016-11-21]
FF NewTab: Mozilla\Firefox\Profiles\xv05xdbc.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\xv05xdbc.default -> seznam.cz/
FF Extension: (Adblock Plus) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xv05xdbc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-20] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-12] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-20] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5817256 2016-09-15] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-09-14] (COMODO)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2016-11-13] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-08-31] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [830624 2016-08-31] (COMODO)
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-21 20:14 - 2016-11-21 20:15 - 00006201 _____ C:\Users\Michal\Desktop\FRST.txt
2016-11-21 20:14 - 2016-11-21 20:14 - 00000000 ____D C:\FRST
2016-11-21 20:13 - 2016-11-21 20:13 - 02412544 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-11-21 20:11 - 2016-11-21 20:11 - 00000000 ____D C:\Users\Michal\AppData\Roaming\InnkeeperUI
2016-11-21 20:11 - 2016-11-21 20:11 - 00000000 ____D C:\Users\Michal\AppData\Local\Innkeeper
2016-11-21 20:10 - 2016-11-21 20:11 - 00000000 ____D C:\Users\Michal\AppData\Local\SquirrelTemp
2016-11-21 20:10 - 2016-11-21 20:10 - 00000000 ____D C:\Users\Michal\Desktop\backups
2016-11-21 20:08 - 2016-11-21 20:08 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-21 19:59 - 2016-11-21 19:59 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-11-21 19:59 - 2016-11-21 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-21 19:59 - 2016-11-21 19:59 - 00000000 ____D C:\Program Files\CCleaner
2016-11-21 19:58 - 2016-11-21 19:58 - 00000000 ____D C:\ProgramData\SquirrelMachineInstalls
2016-11-21 19:53 - 2016-11-21 19:53 - 00000000 ____D C:\Users\Michal\AppData\Roaming\.mono
2016-11-21 19:53 - 2016-11-21 19:53 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\Blizzard Entertainment
2016-11-21 19:53 - 2016-11-21 19:53 - 00000000 ____D C:\Users\Michal\AppData\Local\Blizzard
2016-11-21 19:53 - 2016-11-21 19:53 - 00000000 ____D C:\ProgramData\.mono
2016-11-21 19:52 - 2016-11-21 19:52 - 00000962 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2016-11-21 19:52 - 2016-11-21 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2016-11-21 18:48 - 2016-11-21 19:53 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-11-21 18:46 - 2016-11-21 19:55 - 00000000 ____D C:\Users\Michal\AppData\Local\Battle.net
2016-11-21 18:46 - 2016-11-21 18:46 - 00000000 ____D C:\Users\Michal\AppData\Local\Blizzard Entertainment
2016-11-21 18:46 - 2016-11-21 18:46 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-11-21 18:45 - 2016-11-21 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-11-21 18:41 - 2016-11-21 18:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-21 18:40 - 2016-11-21 18:47 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Battle.net
2016-11-21 18:40 - 2016-11-21 18:43 - 44009352 _____ (Curse Inc.) C:\Users\Michal\Desktop\InnkeeperSetup.exe
2016-11-21 18:40 - 2016-11-21 18:40 - 00000000 ____D C:\ProgramData\Battle.net
2016-11-21 17:53 - 2016-11-21 20:07 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-11-21 17:53 - 2016-11-21 20:06 - 00114405 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-11-21 17:53 - 2016-11-21 18:38 - 00049462 _____ C:\Windows\ZAM.krnl.trace
2016-11-21 17:51 - 2016-11-21 17:51 - 00000000 ____D C:\Users\Michal\AppData\Local\Zemana
2016-11-21 00:00 - 2016-11-21 00:34 - 00000000 ____D C:\Users\Michal\AppData\Roaming\.oit
2016-11-21 00:00 - 2016-11-21 00:00 - 00003006 _____ C:\Windows\SysWOW64\FoxPowerPointVUninstall.ini
2016-11-21 00:00 - 2016-11-21 00:00 - 00002200 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\PPTX Viewer 2.0.lnk
2016-11-21 00:00 - 2016-11-21 00:00 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc
2016-11-20 23:58 - 2016-11-18 23:44 - 02945169 ____N C:\Users\Michal\Desktop\03_Odbornost_TEST ANALYTIK_FINAL.pptx
2016-11-20 23:57 - 2016-11-20 23:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-11-20 23:57 - 2016-11-20 23:57 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\Adobe
2016-11-20 23:55 - 2016-11-21 16:43 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-11-20 23:55 - 2016-11-21 16:40 - 00000000 ____D C:\ProgramData\Adobe
2016-11-20 23:55 - 2016-11-20 23:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-20 21:32 - 2016-11-20 21:32 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-20 21:32 - 2016-11-20 21:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-20 21:32 - 2016-11-20 21:32 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-20 20:14 - 2016-11-20 20:46 - 00023746 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-11-20 20:14 - 2016-11-20 20:14 - 00000000 ____D C:\VTRoot
2016-11-20 20:02 - 2016-11-21 19:57 - 00000000 ____D C:\Windows\erdnt
2016-11-16 07:12 - 2016-11-16 06:42 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-11-16 06:42 - 2016-11-16 07:05 - 00000000 ____D C:\zoek_backup
2016-11-15 18:37 - 2016-11-15 23:05 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-11-15 18:35 - 2016-11-15 18:36 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-15 17:43 - 2016-11-15 17:43 - 00000000 ____D C:\ProgramData\Sophos
2016-11-14 19:16 - 2016-11-14 19:16 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-14 19:16 - 2016-11-14 19:16 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-11-14 19:16 - 2016-11-14 19:16 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-11-14 19:15 - 2016-11-14 19:15 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-11-14 19:15 - 2016-11-14 19:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-11-14 19:15 - 2016-11-14 19:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-11-14 19:02 - 2016-11-14 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-11-14 19:02 - 2016-11-14 19:02 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-11-14 18:20 - 2016-11-15 22:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-14 18:20 - 2016-11-14 18:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-14 16:13 - 2016-11-14 18:31 - 00000000 ____D C:\AdwCleaner
2016-11-14 15:27 - 2016-11-14 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-11-14 15:27 - 2016-11-14 15:27 - 00000000 ____D C:\Program Files\CPUID
2016-11-13 20:28 - 2016-11-13 20:28 - 00397058 _____ C:\Users\Michal\Desktop\heh.dib
2016-11-13 19:15 - 2016-11-13 19:15 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-11-13 19:10 - 2016-11-13 19:10 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-13 19:10 - 2016-11-13 19:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-13 19:10 - 2016-11-13 19:10 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-13 19:10 - 2016-11-13 19:10 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-13 19:10 - 2016-11-13 19:10 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-11-13 19:10 - 2016-11-13 19:10 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-11-13 19:10 - 2016-11-13 19:10 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-13 19:10 - 2016-11-13 19:10 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-13 19:10 - 2016-11-13 19:10 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-11-13 19:10 - 2016-11-13 19:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-11-13 19:10 - 2016-11-13 19:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-11-13 19:10 - 2016-11-13 19:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-11-13 19:10 - 2016-11-13 19:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-13 18:56 - 2016-11-13 18:57 - 00000000 ____D C:\Windows\system32\MRT
2016-11-13 18:56 - 2016-11-13 18:56 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-13 18:54 - 2016-11-13 18:55 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-13 18:54 - 2016-11-13 18:54 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-13 18:54 - 2016-11-13 18:54 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-11-13 18:54 - 2016-11-13 18:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-11-13 18:54 - 2016-11-13 18:54 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-11-13 18:54 - 2016-11-13 18:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-11-13 18:54 - 2016-11-13 18:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-13 18:54 - 2016-11-13 18:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-13 18:50 - 2016-11-13 18:50 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-11-13 18:50 - 2016-11-13 18:50 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-11-13 18:50 - 2016-11-13 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-11-13 18:50 - 2016-11-13 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-11-13 18:50 - 2016-11-13 18:50 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-11-13 18:50 - 2016-11-13 18:50 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-11-13 18:50 - 2016-11-13 18:50 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-11-13 18:39 - 2016-03-17 23:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-13 18:39 - 2016-03-17 23:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-13 18:39 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-11-13 18:39 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-11-13 18:39 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-11-13 18:39 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-11-13 18:38 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-13 18:38 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-13 18:38 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-13 18:38 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-13 18:38 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-13 18:38 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-13 18:38 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-13 18:38 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-13 18:38 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-13 18:38 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-13 18:38 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-13 18:38 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-13 18:38 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-13 18:38 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-13 18:38 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-13 18:38 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-13 18:38 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-13 18:38 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-13 18:38 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-13 18:38 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-13 18:38 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-13 18:38 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-13 18:38 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-13 18:38 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-13 18:38 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-13 18:38 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-13 18:38 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-13 18:38 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-13 18:38 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-13 18:38 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-13 18:38 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-13 18:38 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-13 18:38 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-13 18:38 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-13 18:38 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-13 18:38 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-13 18:38 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-13 18:38 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-13 18:38 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-13 18:38 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-13 18:38 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-13 18:38 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-13 18:38 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-13 18:38 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-13 18:38 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-13 18:38 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-13 18:38 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-13 18:38 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-13 18:38 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-13 18:38 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-13 18:38 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-13 18:38 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-13 18:38 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-13 18:38 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-13 18:38 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-13 18:38 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-13 18:38 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-13 18:38 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-13 18:38 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-13 18:38 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-13 18:38 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-13 18:38 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-13 18:38 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-13 18:38 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-13 18:38 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-13 18:38 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-13 18:38 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-13 18:38 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-13 18:38 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-13 18:38 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-13 18:38 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-13 18:38 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-13 18:38 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-13 18:38 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-13 18:38 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-13 18:38 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-13 18:38 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-13 18:38 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-13 18:38 - 2016-08-16 19:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 20:24

2016-11-13 18:38 - 2016-08-16 19:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-11-13 18:38 - 2016-08-16 18:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-11-13 18:38 - 2016-08-16 03:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-11-13 18:38 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-13 18:38 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-13 18:38 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-13 18:38 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-13 18:38 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-13 18:38 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-13 18:38 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-13 18:38 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-13 18:38 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-13 18:38 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-13 18:38 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-13 18:38 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-13 18:38 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-13 18:38 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-13 18:38 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-13 18:38 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-13 18:38 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-13 18:38 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-13 18:38 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-13 18:38 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-13 18:38 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-13 18:38 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-13 18:38 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-13 18:38 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-13 18:38 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-13 18:38 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-13 18:38 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-13 18:38 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-13 18:38 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-13 18:38 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-13 18:38 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-13 18:38 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-13 18:38 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-13 18:38 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-13 18:38 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-13 18:38 - 2016-05-18 17:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-11-13 18:38 - 2016-05-18 17:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-11-13 18:38 - 2016-05-12 14:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-11-13 18:38 - 2016-05-12 14:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-11-13 18:38 - 2016-05-12 14:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-11-13 18:38 - 2016-03-16 01:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-11-13 18:38 - 2016-03-16 01:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-11-13 18:38 - 2016-03-16 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-11-13 18:38 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-11-13 18:38 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-11-13 18:38 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-11-13 18:38 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-11-13 18:38 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-11-13 18:38 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-11-13 18:38 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-11-13 18:38 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-11-13 18:38 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-11-13 18:38 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-11-13 18:38 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-11-13 18:38 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-11-13 18:38 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-11-13 18:38 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-11-13 18:38 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-11-13 18:38 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-11-13 18:38 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-11-13 18:38 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-11-13 18:38 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-11-13 18:38 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-11-13 18:38 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-11-13 18:38 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-11-13 18:38 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-11-13 18:37 - 2016-11-13 18:37 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-11-13 18:37 - 2016-11-13 18:37 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-11-13 18:37 - 2016-11-13 18:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-11-13 18:37 - 2016-11-13 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-11-13 18:37 - 2016-11-13 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-11-13 18:37 - 2016-08-29 16:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-13 18:37 - 2016-08-29 16:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-13 18:37 - 2016-08-29 16:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-11-13 18:37 - 2016-08-29 16:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-13 18:37 - 2016-08-29 16:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-13 18:37 - 2016-08-29 16:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-11-13 18:37 - 2016-08-29 16:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-13 18:37 - 2016-08-29 15:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-13 18:37 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-13 18:37 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-11-13 18:37 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-11-13 18:37 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-11-13 18:37 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-11-13 18:37 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-11-13 18:37 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-11-13 18:37 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-11-13 18:37 - 2016-05-12 18:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-11-13 18:37 - 2016-05-12 18:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-11-13 18:37 - 2016-05-12 18:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-11-13 18:37 - 2016-05-12 16:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-11-13 18:37 - 2016-05-12 16:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-11-13 18:37 - 2016-05-12 16:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-11-13 18:37 - 2016-05-12 16:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-11-13 18:37 - 2016-05-12 16:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-11-13 18:37 - 2016-05-12 16:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-11-13 18:37 - 2016-05-12 15:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-11-13 18:37 - 2016-05-12 15:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-11-13 18:37 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-11-13 18:37 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-11-13 18:37 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-11-13 18:37 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-11-13 18:37 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-11-13 18:37 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-11-13 18:37 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-11-13 18:37 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-11-13 18:37 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-11-13 18:37 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-11-13 18:37 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-11-13 18:37 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-11-13 18:37 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-11-13 18:37 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-11-13 18:37 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-11-13 18:37 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-11-13 18:37 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-11-13 18:28 - 2016-11-13 18:28 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-11-13 18:28 - 2016-11-13 18:28 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-11-13 18:28 - 2016-11-13 18:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-11-13 18:28 - 2016-11-13 18:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-11-13 18:18 - 2016-11-13 18:18 - 00000000 ____D C:\Users\Michal\Tracing
2016-11-13 18:17 - 2016-11-21 17:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-13 18:17 - 2016-11-13 18:22 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Skype
2016-11-13 18:17 - 2016-11-13 18:17 - 00000000 ____D C:\ProgramData\Skype
2016-11-13 18:17 - 2016-11-13 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-13 18:10 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-11-13 18:10 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-11-13 17:58 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-11-13 17:58 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-11-13 17:58 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-11-13 17:54 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-11-13 17:54 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-11-13 17:54 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-11-13 17:54 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-11-13 17:54 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-11-13 17:54 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-11-13 17:54 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-11-13 17:54 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-11-13 17:53 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-11-13 17:53 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-11-13 17:53 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-11-13 17:53 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-11-13 17:53 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-11-13 17:53 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-11-13 17:53 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-11-13 17:53 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-11-13 17:53 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-11-13 17:53 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-11-13 17:53 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-11-13 17:53 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-11-13 17:52 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-11-13 17:52 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-11-13 17:52 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-11-13 17:52 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-11-13 17:52 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-11-13 17:52 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-11-13 17:52 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-11-13 17:52 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-11-13 17:52 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2016-11-13 17:52 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2016-11-13 17:52 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2016-11-13 17:52 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2016-11-13 17:52 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2016-11-13 17:52 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2016-11-13 17:52 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2016-11-13 17:52 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2016-11-13 17:52 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2016-11-13 17:52 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-11-13 17:52 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2016-11-13 17:52 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-11-13 17:52 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2016-11-13 17:51 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-11-13 17:51 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-11-13 17:51 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-11-13 17:51 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-11-13 17:51 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-11-13 17:51 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-11-13 17:51 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-11-13 17:51 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-11-13 17:51 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-11-13 17:51 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-11-13 17:51 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-11-13 17:51 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-11-13 17:51 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-11-13 17:51 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-11-13 17:51 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-11-13 17:51 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-11-13 17:51 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-11-13 17:51 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-11-13 17:51 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-11-13 17:51 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-11-13 17:51 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-11-13 17:51 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-11-13 17:51 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-11-13 17:51 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-11-13 17:51 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-11-13 17:51 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-11-13 17:51 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-11-13 17:51 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-11-13 17:51 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-11-13 17:51 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2016-11-13 17:51 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2016-11-13 17:51 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-11-13 17:51 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-11-13 17:51 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-11-13 17:51 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-11-13 17:51 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-11-13 17:51 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2016-11-13 17:51 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2016-11-13 17:51 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-11-13 17:51 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-11-13 17:51 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-11-13 17:51 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-11-13 17:51 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-11-13 17:51 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-11-13 17:51 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-11-13 17:51 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-11-13 17:51 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-11-13 17:51 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-11-13 17:51 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2016-11-13 17:51 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-11-13 17:51 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2016-11-13 17:51 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-11-13 17:50 - 2016-11-13 17:50 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-11-13 17:50 - 2016-11-13 17:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-11-13 17:50 - 2016-11-13 17:50 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-11-13 17:50 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-11-13 17:50 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-11-13 17:50 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-11-13 17:50 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-11-13 17:50 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-11-13 17:50 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-11-13 17:45 - 2016-11-13 17:45 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-11-13 17:45 - 2016-11-13 17:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-11-13 17:27 - 2016-11-13 17:27 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-11-13 17:27 - 2016-11-13 17:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-11-13 17:27 - 2012-06-02 15:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-11-13 17:23 - 2016-11-13 17:23 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-11-13 17:23 - 2016-11-13 17:23 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-11-13 17:23 - 2016-11-13 17:23 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-11-13 17:23 - 2016-11-13 17:23 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-11-13 17:23 - 2016-11-13 17:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-11-13 17:23 - 2016-11-13 17:23 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-11-13 17:23 - 2016-11-13 17:23 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-11-13 17:23 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-11-13 17:16 - 2016-11-13 17:16 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-11-13 17:16 - 2016-11-13 17:16 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-11-13 17:16 - 2016-11-13 17:16 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-13 17:16 - 2016-11-13 17:16 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-11-13 17:16 - 2016-11-13 17:16 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-11-13 17:16 - 2016-11-13 17:16 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-11-13 17:16 - 2016-11-13 17:16 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-11-13 17:16 - 2016-11-13 17:16 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-11-13 17:16 - 2016-11-13 17:16 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-11-13 17:15 - 2016-11-13 17:15 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-11-13 17:15 - 2016-11-13 17:15 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-11-13 17:13 - 2016-11-13 17:13 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-11-13 17:13 - 2016-11-13 17:13 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-11-13 17:13 - 2016-11-13 17:13 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-11-13 17:13 - 2016-11-13 17:13 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-11-13 17:13 - 2016-11-13 17:13 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2016-11-13 17:13 - 2016-11-13 17:13 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 21 lis 2016 20:25

2016-11-13 17:13 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2016-11-13 17:13 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2016-11-13 17:13 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2016-11-13 17:13 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2016-11-13 17:12 - 2016-11-13 17:12 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-11-13 17:12 - 2016-11-13 17:12 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-11-13 17:12 - 2016-11-13 17:12 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-11-13 17:12 - 2016-11-13 17:12 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-11-13 17:12 - 2016-11-13 17:12 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-11-13 17:12 - 2016-11-13 17:12 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-11-13 17:11 - 2016-11-13 17:11 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-13 17:11 - 2016-11-13 17:11 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-11-13 17:11 - 2016-11-13 17:11 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-11-13 17:11 - 2016-11-13 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-11-13 17:11 - 2016-11-13 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-11-13 17:09 - 2016-11-13 17:09 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-13 17:09 - 2016-11-13 17:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-13 17:09 - 2016-11-13 17:09 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-11-13 17:09 - 2016-11-13 17:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-11-13 17:09 - 2016-11-13 17:09 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2016-11-13 17:08 - 2016-11-13 17:08 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2016-11-13 17:08 - 2016-03-09 20:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-11-13 17:08 - 2016-03-09 19:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-11-13 17:08 - 2016-01-21 01:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-11-13 17:08 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-11-13 17:08 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-11-13 17:08 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2016-11-13 17:06 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-11-13 17:06 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-11-13 17:06 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-11-13 17:06 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-11-13 17:06 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-11-13 17:06 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-11-13 17:06 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-11-13 17:05 - 2016-11-13 17:05 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-11-13 17:05 - 2016-11-13 17:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2016-11-13 17:05 - 2016-11-13 17:05 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2016-11-13 17:05 - 2016-11-13 17:05 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2016-11-13 17:05 - 2016-11-13 17:05 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-11-13 17:05 - 2016-11-13 17:05 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2016-11-13 17:05 - 2016-03-09 19:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-11-13 17:05 - 2016-03-09 19:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-11-13 17:05 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-11-13 17:05 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-11-13 17:05 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-11-13 17:05 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-11-13 17:05 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-11-13 17:05 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-11-13 17:05 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2016-11-13 17:05 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-11-13 17:05 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-11-13 17:05 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-11-13 17:05 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-11-13 17:05 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-11-13 17:05 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-11-13 17:05 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-11-13 17:05 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-11-13 17:05 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-11-13 17:05 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-11-13 17:05 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-11-13 17:05 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-11-13 17:05 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-11-13 17:05 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-11-13 17:05 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-11-13 17:05 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-11-13 17:05 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-11-13 17:05 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-11-13 17:05 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-11-13 17:05 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-11-13 16:59 - 2016-11-13 16:59 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-11-13 16:59 - 2016-11-13 16:59 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-11-13 16:59 - 2016-11-13 16:59 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-11-13 16:59 - 2016-11-13 16:59 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-11-13 16:59 - 2016-11-13 16:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-11-13 16:48 - 2016-11-13 16:48 - 01713538 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-11-13 16:45 - 2016-11-13 16:45 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-13 16:45 - 2016-11-13 16:45 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-11-13 16:36 - 2016-11-13 16:36 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-11-13 16:36 - 2016-11-13 16:36 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-11-13 04:13 - 2016-11-13 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-11-13 04:13 - 2016-11-13 04:13 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-11-12 22:39 - 2016-11-12 22:39 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-11-12 22:39 - 2016-11-12 22:39 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Sun
2016-11-12 22:39 - 2016-11-12 22:39 - 00000000 ____D C:\Users\Michal\AppData\LocalLow\Sun
2016-11-12 22:39 - 2016-11-12 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-12 22:38 - 2016-11-12 22:38 - 00000000 ____D C:\ProgramData\Oracle
2016-11-12 22:38 - 2016-11-12 22:38 - 00000000 ____D C:\Program Files\Java
2016-11-11 14:51 - 2016-11-11 14:51 - 00000000 ____D C:\Windows\CheckSur
2016-11-10 21:44 - 2016-11-10 21:44 - 00000000 ____D C:\Users\Michal\AppData\Roaming\LolClient
2016-11-10 18:01 - 2013-08-21 15:16 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-11-10 17:58 - 2016-11-10 17:58 - 00000000 ____D C:\ProgramData\Riot Games
2016-11-10 17:53 - 2016-11-14 07:38 - 00000000 ____D C:\Users\Michal\AppData\Local\ElevatedDiagnostics
2016-11-10 17:41 - 2016-11-10 17:41 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-10 17:36 - 2016-11-14 19:15 - 00007621 _____ C:\Users\Michal\AppData\Local\Resmon.ResmonCfg
2016-11-10 17:25 - 2016-11-10 17:25 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-11-10 17:25 - 2016-11-10 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-11-10 17:21 - 2016-11-10 17:21 - 00000000 ____D C:\Windows\system32\appmgmt
2016-11-10 17:16 - 2016-11-10 17:16 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-10 17:12 - 2016-11-10 17:12 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-11-10 17:12 - 2016-11-10 17:12 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-11-10 17:12 - 2016-11-10 17:12 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-11-10 17:12 - 2016-11-10 17:12 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-11-10 17:12 - 2016-11-10 17:12 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-11-10 17:12 - 2016-11-10 17:12 - 00000000 ____D C:\Riot Games
2016-11-10 17:08 - 2016-11-10 17:26 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Riot Games
2016-11-10 16:51 - 2016-11-10 16:51 - 00015842 _____ C:\Windows\system32\results.xml
2016-11-10 16:50 - 2016-11-21 16:40 - 00000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2016-11-10 16:50 - 2016-11-13 16:54 - 00000401 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-11-10 16:47 - 2016-11-13 16:50 - 00096752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2016-11-10 16:47 - 2016-11-13 16:50 - 00092648 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2016-11-10 16:47 - 2016-11-10 18:01 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-10 16:46 - 2016-11-20 23:57 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Adobe
2016-11-10 16:46 - 2016-11-10 16:46 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Macromedia
2016-11-10 16:46 - 2016-11-10 16:46 - 00000000 ____D C:\Program Files\Intel
2016-11-10 16:44 - 2016-11-13 16:56 - 00000000 ____D C:\Intel
2016-11-10 16:44 - 2016-11-13 16:50 - 09519352 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2016-11-10 16:44 - 2016-11-13 16:50 - 06253856 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2016-11-10 16:44 - 2016-11-13 16:50 - 02048512 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2016-11-10 16:44 - 2016-11-13 16:50 - 00707584 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2016-11-10 16:44 - 2016-11-13 16:50 - 00404376 _____ C:\Windows\system32\igfxTray.exe
2016-11-10 16:44 - 2016-11-13 16:50 - 00355232 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2016-11-10 16:44 - 2016-11-13 16:50 - 00324512 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe
2016-11-10 16:44 - 2016-11-13 16:50 - 00296432 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2016-11-10 16:44 - 2016-11-13 16:50 - 00257968 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2016-11-10 16:44 - 2016-11-10 16:46 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3540.dll
2016-11-10 16:44 - 2016-11-10 16:45 - 00450520 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-11-10 16:44 - 2016-11-10 16:44 - 00393200 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe
2016-11-10 16:44 - 2016-11-10 16:44 - 00392688 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe
2016-11-10 16:44 - 2014-03-31 06:24 - 00187348 _____ C:\Windows\system32\resTHA.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00180164 _____ C:\Windows\system32\resELL.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00176020 _____ C:\Windows\system32\resRUS.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00161876 _____ C:\Windows\system32\resARA.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00161332 _____ C:\Windows\system32\resHEB.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00161268 _____ C:\Windows\system32\resJPN.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00156692 _____ C:\Windows\system32\resFRA.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00156676 _____ C:\Windows\system32\resHUN.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154980 _____ C:\Windows\system32\resKOR.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154884 _____ C:\Windows\system32\resITA.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154884 _____ C:\Windows\system32\resDEU.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154724 _____ C:\Windows\system32\resROM.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154612 _____ C:\Windows\system32\resESN.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154180 _____ C:\Windows\system32\resPLK.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00154036 _____ C:\Windows\system32\resSKY.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00153844 _____ C:\Windows\system32\resNLD.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00153284 _____ C:\Windows\system32\resPTB.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00153140 _____ C:\Windows\system32\resTRK.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00153108 _____ C:\Windows\system32\resCSY.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00152980 _____ C:\Windows\system32\resPTG.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00152564 _____ C:\Windows\system32\resFIN.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00152132 _____ C:\Windows\system32\resHRV.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00151684 _____ C:\Windows\system32\resSVE.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00151508 _____ C:\Windows\system32\resSLV.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00150580 _____ C:\Windows\system32\resNOR.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00150068 _____ C:\Windows\system32\resDAN.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00148756 _____ C:\Windows\system32\resENU.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00146980 _____ C:\Windows\system32\resCHT.cui
2016-11-10 16:44 - 2014-03-31 06:24 - 00146148 _____ C:\Windows\system32\resCHS.cui
2016-11-10 16:44 - 2014-03-31 06:23 - 00000895 _____ C:\Windows\system32\Gfxv2_0.exe.config
2016-11-10 16:44 - 2014-03-31 06:23 - 00000895 _____ C:\Windows\system32\DPTopologyAppv2_0.exe.config
2016-11-10 16:44 - 2014-03-31 06:23 - 00000895 _____ C:\Windows\system32\CustomModeAppv2_0.exe.config
2016-11-10 16:44 - 2014-03-31 06:23 - 00000889 _____ C:\Windows\system32\CustomModeApp.exe.config
2016-11-10 16:44 - 2014-03-28 12:06 - 02813952 _____ C:\Windows\system32\iglhxa64.cpa
2016-11-10 16:44 - 2014-03-28 12:06 - 00044025 _____ C:\Windows\system32\iglhxo64.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00043816 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00043494 _____ C:\Windows\system32\iglhxc64.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00043298 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00043256 _____ C:\Windows\system32\iglhxg64.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00042079 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-11-10 16:44 - 2014-03-28 12:06 - 00001125 _____ C:\Windows\system32\iglhxa64.vp
2016-11-10 16:43 - 2016-11-20 21:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-10 16:43 - 2016-11-20 21:32 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 16:30 - 2016-11-10 16:41 - 00000000 ____D C:\Users\Michal\AppData\Local\Mozilla
2016-11-10 16:30 - 2016-11-10 16:30 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-10 16:30 - 2016-11-10 16:30 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Mozilla
2016-11-10 16:30 - 2016-11-10 16:30 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-10 16:30 - 2016-11-10 16:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-10 16:12 - 2016-11-13 05:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-10 16:12 - 2016-11-10 16:12 - 00906968 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-11-10 16:12 - 2016-11-10 16:12 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-11-10 16:12 - 2016-11-10 16:12 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-11-10 16:12 - 2016-11-10 16:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-10 16:10 - 2016-11-21 20:06 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2016-11-10 16:10 - 2016-11-21 20:03 - 00000000 ___RD C:\Users\Michal\Desktop\programy zast
2016-11-10 16:10 - 2016-11-10 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-11-10 16:10 - 2016-11-10 17:21 - 00000000 ____D C:\Program Files\COMODO
2016-11-10 16:10 - 2016-11-10 16:10 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2016-11-10 16:09 - 2016-11-10 16:10 - 00000000 ____D C:\ProgramData\Comodo
2016-11-10 16:08 - 2016-11-13 19:34 - 00058016 _____ C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-10 16:08 - 2016-11-06 18:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\Michal\Desktop\hijackthis.exe
2016-11-10 16:02 - 2016-11-21 18:06 - 00000000 ____D C:\Users\Michal
2016-11-10 16:02 - 2016-11-14 16:30 - 00000000 ____D C:\Users\Michal\AppData\Local\VirtualStore
2016-11-10 16:02 - 2016-11-13 19:26 - 00001393 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-10 16:02 - 2016-11-10 16:02 - 00000020 ___SH C:\Users\Michal\ntuser.ini
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Šablony
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Soubory cookie
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Poslední
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Okolní tiskárny
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Okolní síť
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Nabídka Start
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Dokumenty
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Documents\Obrázky
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Documents\Hudba
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Documents\Filmy
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\Data aplikací
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-11-10 16:02 - 2016-11-10 16:02 - 00000000 _SHDL C:\Users\Michal\AppData\Local\Data aplikací
2016-11-10 16:02 - 2010-11-21 10:38 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Media Center Programs
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Public\Documents\Obrázky
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Public\Documents\Hudba
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Public\Documents\Filmy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Šablony
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Poslední
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Šablony
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Plocha
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Oblíbené položky
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Nabídka Start
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Dokumenty
2016-11-10 15:59 - 2016-11-10 15:59 - 00000000 _SHDL C:\ProgramData\Data aplikací
2016-11-10 15:56 - 2016-11-10 15:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-11-10 15:53 - 2016-11-21 20:03 - 00000000 ____D C:\Windows\Panther

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-21 20:15 - 2009-07-14 05:45 - 00029808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-21 20:15 - 2009-07-14 05:45 - 00029808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-21 20:13 - 2010-11-21 10:27 - 00807282 _____ C:\Windows\system32\perfh005.dat
2016-11-21 20:13 - 2010-11-21 10:27 - 00187228 _____ C:\Windows\system32\perfc005.dat
2016-11-21 20:13 - 2009-07-14 06:13 - 01770370 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-21 20:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-21 20:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-21 20:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-21 17:47 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-21 17:46 - 2009-07-14 03:34 - 58195968 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-11-21 17:46 - 2009-07-14 03:34 - 16515072 _____ C:\Windows\system32\config\SYSTEM.bak
2016-11-21 17:46 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-11-21 17:46 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-11-21 17:46 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2016-11-14 19:15 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-11-14 19:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-13 19:24 - 2009-07-14 05:45 - 00267368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-13 19:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-13 19:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-13 18:11 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-11-13 18:11 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-13 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-11-13 17:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-11-13 17:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-11-13 16:50 - 2015-08-09 04:52 - 25076864 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 24270600 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 17973744 _____ C:\Windows\system32\igd11dxva64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 17493192 _____ C:\Windows\SysWOW64\igd11dxva32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 08723000 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 04929056 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 01425032 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 01421904 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 01299392 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 01039488 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00295568 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00275816 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00232832 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00225488 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00196392 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00190640 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-11-13 16:50 - 2015-08-09 04:52 - 00047472 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 15989760 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 10860544 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 09562096 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 07529968 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 04928256 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-11-13 16:50 - 2015-08-09 04:50 - 03599360 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 03335664 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 01379328 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 01139712 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 01073152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 01047960 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 01044896 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00634352 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00459160 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00434176 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00395248 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00382976 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00380928 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00350112 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00349600 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00314352 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00288688 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00266224 _____ C:\Windows\system32\igfxCPL.cpl
2016-11-13 16:50 - 2015-08-09 04:50 - 00240128 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00228264 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00224240 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00200704 _____ C:\Windows\system32\igdde64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00192000 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4264.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00189416 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00178688 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00167328 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-11-13 16:50 - 2015-08-09 04:50 - 00162280 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00161792 _____ C:\Windows\SysWOW64\igdde32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00102912 _____ C:\Windows\system32\IccLibDll_x64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00096752 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00095232 _____ C:\Windows\system32\igfxCUIServicePS.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00092648 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00082432 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00071152 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00044032 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00020976 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00019968 _____ ( ) C:\Windows\system32\igfxDILib.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00018944 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00018944 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00013824 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2016-11-13 16:50 - 2015-08-09 04:50 - 00013824 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2016-11-13 16:50 - 2009-07-14 00:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2016-11-13 16:46 - 2013-01-11 19:02 - 00064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2016-11-11 17:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-11 14:49 - 2009-07-14 06:08 - 00013708 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-10 16:14 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-10 15:59 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2016-11-10 15:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-11-10 15:54 - 2010-11-21 10:38 - 00000000 ____D C:\Windows\CSC
2016-11-10 15:53 - 2009-07-14 06:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-11-10 15:53 - 2009-07-14 05:45 - 00000000 ____D C:\Windows\Setup

==================== Files in the root of some directories =======

2016-11-10 17:36 - 2016-11-14 19:15 - 0007621 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-10 22:42

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 22 lis 2016 10:05

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4257771679-899889950-1384008878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-4257771679-899889950-1384008878-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..


Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 22 lis 2016 18:25

HDD zkontrolováno na chyby(nenašlo nic), defragmentován, přikládám logy memtest nechám zaplý během noci zítra dodám.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2016 01
Ran by Michal (22-11-2016 18:19:45) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4257771679-899889950-1384008878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-4257771679-899889950-1384008878-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4257771679-899889950-1384008878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4257771679-899889950-1384008878-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12875481 B
Java, Flash, Steam htmlcache => 3653 B
Windows/system/drivers => 225633 B
Edge => 0 B
Chrome => 0 B
Firefox => 402054560 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 49554 B
systemprofile32 => 33058 B
LocalService => 33125 B
NetworkService => 33125 B
Michal => 566872 B

RecycleBin => 0 B
EmptyTemp: => 396.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:19:48 ====


----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2016/11/22 18:25:00

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
+ ATA Channel 0 (0)
- ST1000DM003-1SB102 ATA Device

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1SB102 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DM003-1SB102
----------------------------------------------------------------------------
Model : ST1000DM003-1SB102
Firmware : CC43
Serial Number : W9A45GK3
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 274 hod.
Power On Count : 83 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _72 _63 __6 000000F08CDC Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 0000000000A3 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _67 _60 _45 0000005BA8B6 Počet chybných hledání
09 100 100 __0 000000000112 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000053 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _68 _66 _40 000021160020 Teplota toku vzduchu
C1 100 100 __0 0000000000A4 Počet cyklů načítání/vymazání
C2 _32 _20 __0 001400000020 Teplota
C3 __3 __1 __0 000000F08CDC Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 08B400000082 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000028E332C2 Total Host Writes
F2 100 253 __0 0000A6F813F1 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5739 4134 3547 4B33
020: 0000 0000 0000 4343 3433 2020 2020 5354 3130 3030
030: 444D 3030 332D 3153 4231 3032 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0006 00CC 0040
080: 01F0 0029 346B 7D69 4163 3469 BC49 4163 207F 003B
090: 003B 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 9CBD 3763 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 FDFF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0184 9400 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F4A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 48 3F DC 8C F0 00 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 64 64 A3
020: 00 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 43 3C B6 A8 5B 00 00 00 00 09 32
040: 00 64 64 12 01 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 53 00 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 44 42 20 00 16 21 00 00 00 C1 32 00 64 64 A4
0B0: 00 00 00 00 00 00 C2 22 00 20 14 20 00 00 00 14
0C0: 00 00 C3 1A 00 03 01 DC 8C F0 00 00 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 F0 00 00 64 FD 82 00 00 00 B4 08 32 F1 00
100: 00 64 FD C2 32 E3 28 00 00 00 F2 00 00 64 FD F1
110: 13 F8 A6 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 76 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 48 00 00 00 03 03 03 03 03 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 6D 70 B0 2E E6 00 00 00
1B0: 00 00 00 00 01 00 6E 00 C2 32 E3 28 00 00 00 00
1C0: F1 13 F8 A6 00 00 00 00 00 00 00 00 34 80 96 00
1D0: 00 00 00 00 00 00 00 00 6C 0B 00 00 06 00 00 00
1E0: 00 00 00 00 F1 08 00 00 00 00 00 00 00 00 00 06
1F0: 00 00 00 00 00 00 00 00 00 00 14 17 00 00 00 FF

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F0 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AF
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43297
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jaro3 » 22 lis 2016 19:12

Disk OK , ještě ten Memtest , problémy pořád?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jogin
Level 1.5
Level 1.5
Příspěvky: 143
Registrován: říjen 10
Pohlaví: Nespecifikováno
Stav:
Offline

Re: Prosím o kontrolu Logu

Příspěvekod jogin » 22 lis 2016 20:02

jj pořád mám download okolo 1mb/s přitom když se kouknu do stavu sítě tak mi to píše 1gb/s, zkusil jsem i na notesu stejnej download , chyba bude asi v kabelech :( myslím že mužu dát zelenou fajfku PC beží krásně. Děkuji moc za pomoc :) jen bych se chtěl ještě zeptat ohledně kabelů k internetu ?
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 86 hostů