ICMP Flooding

Zpráva

otipkavasek · #1 Příspěvek od **otipkavasek** » 04 čer 2017 19:34

Dobrý večer,
poslední dobou se mi stává, že mi ESET hlásí hlášku ohledně útoku ICMP Flooding. Zkoušel jsem resetovat router, což nepomohlo. Ještě jsem si všiml, i když nevím zda to spolu souvisí, že mi při práci na PC sem tam problikne jakoby okno s příkazovým řádkem. Přikládám log, děkuji za rady.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
Ran by otipk (administrator) on DESKTOP-0GOFHJ5 (04-06-2017 20:29:13)
Running from C:\Users\otipk\Desktop
Loaded Profiles: otipk (Available Profiles: defaultuser0 & otipk)
Platform: Windows 10 Pro Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Autodesk, Inc.) F:\Programy\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINYE.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\mozilla firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\mozilla firefox\firefox.exe
(Akamai Technologies, Inc.) C:\Users\otipk\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\otipk\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-01] (Valve Corporation)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Run: [Akamai NetSession Interface] => C:\Users\otipk\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINYE.EXE [298560 2014-03-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f3b019b2-3273-41a8-9c71-7e9d115082c9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-369533939-1309753-115742068-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-25] (Microsoft Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: m12xiknx.default
FF ProfilePath: C:\Users\otipk\AppData\Roaming\Mozilla\Firefox\Profiles\m12xiknx.default [2017-06-04]
FF Homepage: Mozilla\Firefox\Profiles\m12xiknx.default -> seznam.cz
FF Extension: (uBlock Origin) - C:\Users\otipk\AppData\Roaming\Mozilla\Firefox\Profiles\m12xiknx.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-09-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-25] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-13] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2017-02-19] (ESET)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2016-12-01] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 mitsijm2017; F:\Programy\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [78776 2016-11-17] (Micro-Star INT'L CO., LTD.)
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155920 2017-05-22] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3125656 2017-05-22] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-08-21] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-02-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-02-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-06-28] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-02-19] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-02-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-02-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-02-19] (ESET)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-10-26] (Intel Corporation)
R3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [184120 2016-10-26] (Intel Corporation)
R3 iaLPSS2_UART2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [287032 2016-10-26] (Intel Corporation)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56376 2016-10-01] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-05-04] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-04 20:29 - 2017-06-04 20:29 - 00015031 _____ C:\Users\otipk\Desktop\FRST.txt
2017-06-04 20:29 - 2017-06-04 20:29 - 00000000 ____D C:\FRST
2017-06-04 20:28 - 2017-06-04 20:28 - 02433536 _____ (Farbar) C:\Users\otipk\Desktop\FRST64.exe
2017-06-04 20:08 - 2017-06-04 20:08 - 00000000 ___HD C:\OneDriveTemp
2017-06-03 14:07 - 2017-06-03 14:07 - 00000221 _____ C:\Users\otipk\Desktop\Stronghold Crusader HD.url
2017-06-03 13:36 - 2017-06-03 13:36 - 11228510 _____ C:\Users\otipk\Downloads\Slic3r-1.35.1-prusa3d-win64-full-201706021450.zip
2017-06-03 13:36 - 2017-06-03 13:36 - 00000000 ____D C:\Users\otipk\Desktop\Slic3r-1.35.1-prusa3d-win64-full-201706021450
2017-05-31 20:57 - 2017-05-31 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-05-31 20:57 - 2017-05-31 20:57 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 20:57 - 2017-05-19 18:07 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-31 20:57 - 2017-05-01 22:14 - 00134592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-05-31 20:57 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 20:57 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 20:57 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 20:57 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 20:56 - 2017-05-31 20:57 - 00000000 ____D C:\WINDOWS\LastGood
2017-05-30 19:48 - 2017-05-30 19:48 - 00291084 _____ C:\Users\otipk\Desktop\pokus_flex.stl
2017-05-28 16:34 - 2017-05-28 16:34 - 05492051 _____ C:\Users\otipk\Downloads\Mother_s_Day_Sculpture_V2.zip
2017-05-28 16:34 - 2017-05-13 13:37 - 10376134 _____ C:\Users\otipk\Desktop\Mothers_DaySTL_Remix.stl
2017-05-28 13:11 - 2017-05-28 13:11 - 00000222 _____ C:\Users\otipk\Desktop\Banished.url
2017-05-25 18:55 - 2017-05-25 18:55 - 00142988 _____ C:\Users\otipk\Downloads\slevomat-cz-voucher-kocky-maji-pre-kava-a-dezert-v-kocici-kavarne-3053418220B-611(1).pdf
2017-05-25 18:54 - 2017-05-25 18:54 - 00142938 _____ C:\Users\otipk\Downloads\slevomat-cz-voucher-kocky-maji-pre-kava-a-dezert-v-kocici-kavarne-3053418220B-611.pdf
2017-05-25 18:44 - 2017-05-25 18:44 - 00000000 ____D C:\Users\otipk\Documents\League of Legends
2017-05-25 17:00 - 2017-05-25 17:00 - 00000000 ____D C:\ProgramData\Riot Games
2017-05-25 16:59 - 2017-05-25 18:44 - 00000828 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-05-25 16:59 - 2017-05-25 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-05-25 16:59 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-05-25 16:59 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-05-25 16:59 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-05-25 16:58 - 2017-05-25 16:59 - 00000000 ____D C:\Users\otipk\AppData\Roaming\Riot Games
2017-05-25 16:57 - 2017-05-25 16:58 - 32529256 _____ (Riot Games) C:\Users\otipk\Downloads\LeagueofLegends_EUNE_Installer_2016_11_10.exe
2017-05-19 18:05 - 2017-05-19 18:05 - 35397528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00969624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-19 18:04 - 2017-05-19 18:04 - 00507984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01996696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01598360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 01062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00999832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00829848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00659864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-19 18:03 - 2017-05-19 18:03 - 00054680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 40210512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 35290192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 03800984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-19 18:02 - 2017-05-19 18:02 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 11161992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 10648512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 09102480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01296264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 01011488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00633040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00626384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-19 17:48 - 2017-05-19 17:48 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 09335520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-19 17:47 - 2017-05-19 17:47 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-19 14:22 - 2017-05-19 14:22 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-19 14:22 - 2017-05-19 14:22 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-14 11:16 - 2017-05-14 11:16 - 00158208 _____ C:\Users\otipk\Desktop\Sestava1.iam
2017-05-14 10:53 - 2017-05-14 11:16 - 00208896 _____ C:\Users\otipk\Desktop\pritlak.ipt
2017-05-14 10:30 - 2017-05-25 16:14 - 00195584 _____ C:\Users\otipk\Desktop\culok.ipt
2017-05-14 10:06 - 2017-05-25 16:04 - 00632832 _____ C:\Users\otipk\Desktop\deska.ipt
2017-05-13 20:37 - 2017-05-25 16:42 - 00000000 ____D C:\Users\otipk\Desktop\OldVersions
2017-05-13 20:18 - 2017-05-25 16:39 - 01018368 _____ C:\Users\otipk\Desktop\extruder1.ipt
2017-05-13 15:47 - 2017-05-25 16:42 - 01000448 _____ C:\Users\otipk\Desktop\extruder.ipt
2017-05-13 14:43 - 2017-05-13 14:43 - 02153298 _____ C:\Users\otipk\Downloads\Rebel II.c 10 mm.zip
2017-05-13 14:43 - 2017-02-19 16:56 - 00000000 ____D C:\Users\otipk\Desktop\Rebel II.c 10 mm
2017-05-11 22:04 - 2017-06-03 14:00 - 00000000 ____D C:\ProgramData\Codemasters
2017-05-11 14:34 - 2017-05-11 14:35 - 06337710 _____ C:\Users\otipk\Downloads\prilohy_23144.zip
2017-05-10 14:12 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 14:12 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 14:12 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 14:12 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 14:12 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 14:12 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 14:12 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 14:12 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 14:12 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 14:12 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 14:12 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 14:12 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 14:12 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 14:12 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:12 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 14:12 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 14:12 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 14:12 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 14:12 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 14:12 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-10 14:12 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 14:12 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-10 14:12 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 14:12 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-10 14:12 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 14:12 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 14:12 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 14:12 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-10 14:12 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 14:12 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:12 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 14:12 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 14:12 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 14:12 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 14:12 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 14:12 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 14:12 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 14:12 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 14:12 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 14:12 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 14:12 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-10 14:12 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 14:12 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 14:12 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 14:12 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 14:12 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 14:12 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 14:12 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 14:12 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 14:12 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 14:12 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 14:12 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 14:12 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 14:12 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 14:12 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 14:12 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-10 14:12 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-10 14:12 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 14:12 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 14:12 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 14:12 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 14:12 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-10 14:12 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 14:12 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-10 14:12 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 14:12 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 14:12 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 14:12 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 14:12 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 14:12 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 14:12 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-10 14:12 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 14:12 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 14:12 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 14:12 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-10 14:12 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-10 14:12 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 14:12 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 14:12 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-10 14:12 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 14:12 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 14:12 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 14:12 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 14:12 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 14:12 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 14:12 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 14:12 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 14:12 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 14:12 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 14:12 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-10 14:12 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 14:12 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 14:12 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-10 14:12 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 14:12 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 14:12 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 14:12 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 14:12 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 14:12 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 14:12 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 14:12 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 14:12 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 14:12 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 14:12 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 14:12 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-10 14:12 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 14:12 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-10 14:12 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 14:12 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 14:12 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-10 14:12 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 14:12 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 14:12 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-06 13:25 - 2017-05-06 13:25 - 00000221 _____ C:\Users\otipk\Desktop\LIMBO.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-04 20:09 - 2016-11-22 20:22 - 00000000 ____D C:\Users\otipk\AppData\LocalLow\Mozilla
2017-06-04 20:09 - 2016-10-13 09:22 - 00000000 ____D C:\Users\otipk\AppData\Local\Akamai
2017-06-04 20:08 - 2016-08-14 12:09 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-04 20:08 - 2016-08-14 10:16 - 00000000 ___RD C:\Users\otipk\OneDrive
2017-06-03 14:17 - 2017-04-17 21:21 - 00000000 ____D C:\Users\otipk
2017-06-03 14:17 - 2017-04-17 21:21 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-03 14:07 - 2016-08-14 12:26 - 00000000 ____D C:\Users\otipk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-06-03 14:06 - 2016-08-14 11:29 - 00000000 ____D C:\ProgramData\Origin
2017-06-03 14:03 - 2016-08-14 12:02 - 00000000 ____D C:\Users\otipk\AppData\Roaming\Origin
2017-06-03 14:02 - 2016-08-14 11:29 - 00000000 ____D C:\Program Files (x86)\Origin
2017-06-02 09:19 - 2017-04-17 21:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-01 17:12 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-01 17:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-31 21:00 - 2017-04-17 21:34 - 01869920 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-31 21:00 - 2017-03-20 06:39 - 00797774 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-31 21:00 - 2017-03-20 06:39 - 00164984 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-31 20:57 - 2017-04-17 21:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-31 20:57 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 20:56 - 2017-04-17 21:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-30 19:46 - 2016-10-13 09:38 - 00000000 ____D C:\Users\Public\Documents\.forever
2017-05-30 19:20 - 2017-01-07 12:20 - 00001235 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2017-05-25 16:56 - 2017-01-24 17:05 - 00000000 ____D C:\Program Files\mozilla firefox
2017-05-25 16:56 - 2016-08-14 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-25 16:09 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-25 16:08 - 2016-08-14 21:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 15:57 - 2016-08-14 10:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-25 15:56 - 2016-08-14 10:56 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-19 18:07 - 2017-03-20 06:41 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-05-19 18:03 - 2017-03-17 17:59 - 01609232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-05-19 18:03 - 2017-03-17 17:59 - 00226712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-05-19 17:47 - 2017-03-17 17:59 - 04136736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-19 14:22 - 2017-03-17 17:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-14 21:09 - 2016-08-14 10:15 - 00000000 ____D C:\Users\otipk\AppData\Local\Packages
2017-05-13 21:19 - 2017-04-24 19:06 - 00000000 ____D C:\ProgramData\Documents\stalker-shoc
2017-05-12 16:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-11 22:04 - 2016-08-14 13:35 - 00000000 ____D C:\Users\otipk\Documents\My Games
2017-05-11 21:55 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-10 17:34 - 2016-08-14 10:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 17:27 - 2017-04-17 21:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-10 17:27 - 2017-04-17 21:20 - 00510784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 17:26 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 17:26 - 2017-03-18 13:40 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2017-05-10 14:14 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-10 12:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-10 12:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-08 11:03 - 2016-08-14 11:24 - 00000000 ____D C:\Users\otipk\AppData\Local\Ubisoft Game Launcher
2017-05-06 23:48 - 2016-08-28 20:47 - 00000000 ____D C:\Users\otipk\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2017-04-19 18:23 - 2017-04-19 18:23 - 0007634 _____ () C:\Users\otipk\AppData\Local\Resmon.ResmonCfg
2017-04-17 21:21 - 2017-04-17 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-31 21:59

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 04 čer 2017 19:50

Zdravím!
Někdo se snaží vám hacknout comp. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

otipkavasek · #3 Příspěvek od **otipkavasek** » 04 čer 2017 19:59

Děkuji za rychlou reakci, už to tak vypadá. Dneska je zlá doba, tady je ten log.
# AdwCleaner v6.047 - Log vytvořen 04/06/2017 v 20:56:19
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-06-02.2 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : otipk - DESKTOP-0GOFHJ5
# Spuštěno z : C:\Users\otipk\Desktop\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [798 Bajty] - [04/06/2017 20:56:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1369 Bajty] - [04/06/2017 20:56:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [943 Bajty] ##########

#4 Příspěvek od **Rudy** » 04 čer 2017 20:58

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\otipk\AppData\Local\Akamai
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Run: [Akamai NetSession Interface] => C:\Users\otipk\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Policies\Explorer: []
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

otipkavasek · #5 Příspěvek od **otipkavasek** » 05 čer 2017 07:24

Všechno proběhlo, avšak s hláškou že v jednotce chybí disk, snad to tedy nemělo nějaký zásadní vliv.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by otipk (05-06-2017 08:20:25) Run:1
Running from C:\Users\otipk\Desktop
Loaded Profiles: otipk (Available Profiles: defaultuser0 & otipk)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\otipk\AppData\Local\Akamai
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Run: [Akamai NetSession Interface] => C:\Users\otipk\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-369533939-1309753-115742068-1001\...\Policies\Explorer: []
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

"C:\Users\otipk\AppData\Local\Akamai" folder move:

Could not move "C:\Users\otipk\AppData\Local\Akamai" => Scheduled to move on reboot.

HKU\S-1-5-21-369533939-1309753-115742068-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-369533939-1309753-115742068-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67913828 B
Java, Flash, Steam htmlcache => 698818418 B
Windows/system/drivers => 8555936 B
Edge => 994 B
Chrome => 0 B
Firefox => 388700185 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 0 B
defaultuser0 => 0 B
otipk => 294894589 B

RecycleBin => 13151 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-06-2017 08:22:18)

C:\Users\otipk\AppData\Local\Akamai => Is moved successfully

==== End of Fixlog 08:22:18 ====

#6 Příspěvek od **Rudy** » 05 čer 2017 16:29

To by vliv mít nemělo. Nyní PC sledujte a při případném opakování se ozvěte.

otipkavasek · #7 Příspěvek od **otipkavasek** » 05 čer 2017 19:14

Tak to byl fofr

děkuji zatím moc za pomoc, kdyby něco tak tady napíšu.

#8 Příspěvek od **Rudy** » 05 čer 2017 19:58

OK, zatím není zač!

otipkavasek · #9 Příspěvek od **otipkavasek** » 07 čer 2017 18:50

Tak bohužel Vás zase zaměstnám. Při zobrazení fotky na fb vyskočilo opět upozornění, tak nevím jestli to povolit na trvalo nebo se jedná o problém a nějak to blokovat?

#10 Příspěvek od **Rudy** » 07 čer 2017 18:56

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

otipkavasek · #11 Příspěvek od **otipkavasek** » 07 čer 2017 19:06

Spustil jsem sken hrozeb, nic nenalezeno, viz. zpráva.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 07.06.17
Čas skenování: 20:03
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.141
Aktualizovat verzi balíku komponent: 1.0.2106
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-0GOFHJ5\otipk

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 436303
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 1 min, 53 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#12 Příspěvek od **Rudy** » 07 čer 2017 20:00

Váš PC je zcela čistý. IP adresa (192.168.0.1) je vnitřní adresou sítě, přes níž jste připojen k internetu. Teď je důležité vědět, jestli ta adresa patří síť. bráně (např. routeru, nebo modemu), nebo je to adresa jiného PC v síti. V prvním případě by to byl útok zvenčí (z internetu) a v tom druhém od jiného uživatele stejné sítě. Faktem je, že ESS úspěšně tento útok blokuje, takže není důvod k obavám. Dejte "nadále blokovat" a přepněte na "neupozorňovat". ESS pak bude útok nadále blokovat, ale hláška vyskakovat nebude.

otipkavasek · #13 Příspěvek od **otipkavasek** » 07 čer 2017 20:23

Je to adresa routeru, přes který jsem připojen. No je to zvláštní proč se to děje, moc se v tom nepohybuju takže to asi dám blokovat a nebudu to dále řešit. Tím pádem opět děkuji za rady a přeji hezký zbytek večera.

#14 Příspěvek od **Rudy** » 07 čer 2017 20:57

Blokovat v každém případě. Koneckonců ESS dělá, co dělat má, útočník se do PC nedostane. Nemáte zač a také hezký den!

VIRY.CZ

ICMP Flooding

ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding

Re: ICMP Flooding