Máte problém s virem? Vložte sem log z FRST nebo RSIT.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST
[návod zde] nebo RSIT
[návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte
Pravidlo o zamykání témat . Děkujeme za pochopení.
!NOVINKA!www.neslape.cz
pivik
Vzorný návštěvník
Příspěvky: 25 Registrován: 19 dub 2006 19:07
#1
Příspěvek
od pivik 29 čer 2017 17:50
Ahoj po dlouhé době. Na notebooku Lenovo T420s mám dualboot Windows 10 a Debian 9 Stretch. Polední dobou je problém na W10 s tím, že nědo neutále hrabe na disk a tím se snižuje výkon notebooku. Ze začátku to bylo OK. Vytížení disku trvající i desítky minut je i ve chvíli, kdy neprobíhají žádné aktualizace. Přikládám log. Předem děkuji za případné rady.
Kód: Vybrat vše
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.953
Run by Otas at 16:45:39 on 2017-06-29
Microsoft Windows 10 Pro 10.0.14393.0.1250.420.1029.18.8074.5897 [GMT 2:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\LPlatSvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
C:\Windows\system32\wbem\wmiprvse.exe
svchost.exe
C:\Windows\system32\LPlatSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Ota\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Users\Ota\AppData\Local\Apps\2.0\KQ9EP6DW.OJR\Q436901L.E0G\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
C:\Windows\System32\svchost.exe -k smphost
C:\Windows\System32\smartscreen.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRunOnce: [Uninstall 17.3.6798.0207\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64"
uRunOnce: [Uninstall 17.3.6798.0207] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\17.3.6798.0207"
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0ae6b9dd-a68d-4bc0-94f8-2b845cec1df4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0f26d58a-f85d-4aec-8f72-ae7e4eb02916} : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
AppInit_DLLs= C:\Windows\SysWoW64\nvinit.dll,C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\usrg6hu6.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Ovladač modulu Intel(R) Power Engine Plug-in;C:\Windows\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\Windows\System32\drivers\iorate.sys [2017-2-3 48992]
R0 volume;Ovladač svazku;C:\Windows\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Služba zabezpečení důvěryhodného modulu runtime Microsoft Windows;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2017-2-3 199008]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2017-2-3 227328]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 MpKslc14ea01f;MpKslc14ea01f;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1169F8E7-4B54-424B-A45A-FD076C6D5009}\MpKslc14ea01f.sys [2017-6-29 44928]
R2 CDPSvc;Služba platformy připojených zařízení;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_6a447;CDPUserSvc_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\Windows\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2017-2-14 201376]
R2 DiagTrack;Propojená uživatelská prostředí a telemetrie;C:\Windows\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DraftSight API Service;DraftSight API Service;C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2016-11-10 121344]
R2 LPlatSvc;Lenovo Platform Service;C:\Windows\System32\LPlatSvc.exe [2016-11-1 711256]
R2 OneSyncSvc_6a447;Hostitel synchronizace_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]
R2 SmsRouter;Služba směrovače SMS systému Microsoft Windows;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2017-2-3 410768]
R2 storqosflt;Ovladač filtru technologie QoS pro úložiště;C:\Windows\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-10-3 259176]
R2 tiledatamodelsvc;Server datového modelu dlaždic;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UserManager;Správce uživatelů;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\Windows\System32\drivers\wcifs.sys [2017-2-3 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\Windows\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [?]
R2 WpnService;Systémová služba nabízených oznámení Windows;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 ClipSVC;Služba pro klientské licence (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2017-2-3 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2017-2-3 30248]
R3 l36wgps; Mobile Broadband GPS Port;C:\Windows\System32\drivers\l36wgps64.sys [2017-2-3 101416]
R3 lfsvc;Služba sledování zeměpisné polohy;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LicenseManager;Služba správce licencí Windows;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2017-2-3 419400]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2017-2-3 430664]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2017-2-3 19528]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2017-2-3 483400]
R3 NcbService;Zprostředkovatel síťového připojení;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Enumerátor virtuálního síťového adaptéru Microsoft;C:\Windows\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\drivers\NETwew01.sys [2016-7-16 3343872]
R3 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2015-7-23 31376]
R3 PimIndexMaintenanceSvc_6a447;Data kontaktů_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 smphost;Prostory úložiště SMP společnosti Microsoft;C:\Windows\System32\svchost.exe -k smphost [2016-7-16 44496]
R3 StateRepository;Služba State Repository;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Zprostředkovatel času;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UnistoreSvc_6a447;Úložiště uživatelských dat_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_6a447;Přístup k uživatelským datům_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UsoSvc;Aktualizovat službu Orchestrator pro Windows Update;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 WdNisDrv;Systémový ovladač kontroly sítě programu Windows Defender;C:\Windows\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
R3 WdNisSvc;Služba kontroly sítě programu Windows Defender;C:\Program Files\Windows Defender\NisSrv.exe [2017-5-12 347320]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2016-7-16 216064]
R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2017-2-3 268840]
S2 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S2 DoSvc;Optimalizace doručení;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S2 MapsBroker;Správce stažených map;C:\Windows\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S2 MessagingService_6a447;Služba zasílání zpráv_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 AcpiDev;Ovladač zařízení ACPI;C:\Windows\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;Služba směrovače AllJoyn;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Smartlocker Filter Driver;C:\Windows\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;Připravenost aplikací;C:\Windows\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppvStrm;AppvStrm;C:\Windows\System32\drivers\AppVStrm.sys [2017-2-3 127328]
S3 AppvVemgr;AppvVemgr;C:\Windows\System32\drivers\AppvVemgr.sys [2016-7-16 157024]
S3 AppvVfs;AppvVfs;C:\Windows\System32\drivers\AppvVfs.sys [2016-7-16 141152]
S3 bcmfn;bcmfn Service;C:\Windows\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Služba Bluetooth Handsfree;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Služba pro zařízení pro ovládání přenosných zařízení;C:\Windows\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;Ovladač HID pro dotykovou obrazovku CapImg;C:\Windows\System32\drivers\capimg.sys [2017-2-3 118272]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 diagnosticshub.standardcollector.service;Standardní služba sběru dat pro Centrum diagnostiky Microsoft (R);C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Služba zápisu při správě zařízení;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Služba sdílení dat;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Vložený režim;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Služba Správa aplikací pro rozlehlé sítě;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2017-2-15 1595400]
S3 FrameServer;Windows Camera Frame Server;C:\Windows\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Obecná funkční třída USB;C:\Windows\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 hidinterrupt;Společný ovladač pro tlačítka standardu HID implementovaná s přerušeními;C:\Windows\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;Hostitelská služba HV;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 cht4iscsi;cht4iscsi;C:\Windows\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio – ovladač virtuální sběrnice;C:\Windows\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Hostitelský řadič Intel(R) Serial IO I2C;C:\Windows\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Ovladač řadiče Intel(R) Serial IO I2C v2;C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Ovladač řadiče Intel(R) Serial IO I2C;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Řadič Intel(R) SATA diskového pole RAID – Windows;C:\Windows\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (ovladač filtru);C:\Windows\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Služba mobilní hotspot systému Windows;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Ovladač Indirect Displays v režimu jádra;C:\Windows\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 megasas2i;megasas2i;C:\Windows\System32\drivers\MegaSas2i.sys [2017-2-3 64352]
S3 mlx4_bus;Enumerátor sběrnice Mellanox ConnectX;C:\Windows\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 MsSecFlt;Minifiltr součástí pro události zabezpečení od Microsoftu;C:\Windows\System32\drivers\mssecflt.sys [2016-7-16 179040]
S3 ndfltr;Služba NetworkDirect;C:\Windows\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\Windows\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Služba instalace sítě;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Telefonní služba;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Služba ukázkového režimu pro prodejny;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Služba výčtu zařízení čipové karty;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Ovladač Microsoftu pro sběrnici SCM (Storage Class Memory);C:\Windows\System32\drivers\scmbus.sys [2017-5-12 88416]
S3 scmdisk0101;Disková jednotka Microsoft NVDIMM-N;C:\Windows\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 Sense;Služba Rozšířená ochrana před internetovými útoky v programu Windows Defender;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-2-3 2889896]
S3 SensorDataService;Služba dat ze senzorů;C:\Windows\System32\SensorDataService.exe [2017-3-17 1312768]
S3 SensorService;Senzorová služba;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 stornvme;Ovladač Microsoft Standard NVM Express ;C:\Windows\System32\drivers\stornvme.sys [2017-2-3 81760]
S3 storufs;Ovladač Microsoft Universal Flash Storage (UFS);C:\Windows\System32\drivers\storufs.sys [2016-7-16 32096]
S3 TieringEngineService;Správa vrstev úložiště;C:\Windows\System32\TieringEngineService.exe [2016-7-16 287744]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\Windows\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;Klient UCSI Správce konektoru USB;C:\Windows\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Ovladač Microsoft UEFI;C:\Windows\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;Řadič USB – Chipidea;C:\Windows\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;Řadič USB – Synopsys;C:\Windows\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsChipidea;Chipidea – ovladač USB pro přepínání rolí;C:\Windows\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsSynopsys;Synopsys – ovladač USB pro přepínání rolí;C:\Windows\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 vhf;Ovladač VHF (Virtual HID Framework);C:\Windows\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Ovladač infrastruktury hosta Microsoft Hyper-V;C:\Windows\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Rozhraní služby hosta technologie Hyper-V;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Přímá služba PowerShell pro Hyper-V;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;C:\Windows\System32\svchost.exe -k ICService [2016-7-16 44496]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2017-3-17 719872]
S3 wdm_usb;wdm_usb;C:\Windows\System32\drivers\usb2ser.sys [2016-8-16 159936]
S3 WEPHOSTSVC;Hostitelská služba zprostředkovatele šifrování Windows;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;Služba WinMad;C:\Windows\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;Služba WinVerbs;C:\Windows\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Služba Windows Insider;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Pracovní složky;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_6a447;Uživatelská služba nabízených oznámení Windows_6a447;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Uložení hry Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2017-3-17 258560]
S3 XboxNetApiSvc;Síťová služba Xbox Live;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2017-2-3 43520]
S4 AppVClient;Microsoft App-V Client;C:\Windows\System32\AppVClient.exe [2017-2-3 822624]
S4 shpamsvc;Shared PC Account Manager;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 tzautoupdate;Automatický aktualizátor časových pásem;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
S4 UevAgentDriver;UevAgentDriver;C:\Windows\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]
S4 UevAgentService;User Experience Virtualization Service;C:\Windows\System32\AgentService.exe [2016-7-16 1227264]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-06-29 14:43:16 44928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1169F8E7-4B54-424B-A45A-FD076C6D5009}\MpKslc14ea01f.sys
2017-06-29 14:34:41 13120896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1169F8E7-4B54-424B-A45A-FD076C6D5009}\mpengine.dll
2017-06-24 14:54:33 13120896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-06-17 11:53:26 30912 ----a-w- C:\Windows\System32\aspnet_counters.dll
2017-06-17 11:53:22 29376 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2017-06-17 11:53:08 690008 ----a-w- C:\Windows\System32\msvcp120_clr0400.dll
2017-06-17 11:53:08 485576 ----a-w- C:\Windows\SysWow64\msvcp120_clr0400.dll
2017-06-17 11:53:08 18592 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2017-06-17 11:53:03 18600 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2017-06-17 11:52:55 993632 ----a-w- C:\Windows\System32\msvcr120_clr0400.dll
2017-06-17 11:52:55 987840 ----a-w- C:\Windows\SysWow64\msvcr120_clr0400.dll
2017-06-17 10:48:51 -------- d-s---w- C:\Windows\UpdateAssistantV2
2017-06-17 09:58:42 -------- d---a-w- C:\Program Files\UNP
2017-06-17 09:58:42 -------- d-----w- C:\Windows\System32\UNP
2017-06-17 09:53:59 552960 ----a-w- C:\Windows\System32\MusUpdateHandlers.dll
2017-06-10 08:26:54 1078240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C41D0F77-8E2E-4880-94FA-D3415F5FD628}\gapaengine.dll
.
==================== Find3M ====================
.
2017-06-03 10:50:15 192856 ----a-w- C:\Windows\SysWow64\aepic.dll
2017-06-03 10:50:04 315744 ----a-w- C:\Windows\SysWow64\atmfd.dll
2017-06-03 10:16:14 279904 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2017-06-03 10:14:28 379232 ----a-w- C:\Windows\System32\atmfd.dll
2017-06-03 10:14:27 629088 ----a-w- C:\Windows\System32\generaltel.dll
2017-06-03 10:14:27 1564512 ----a-w- C:\Windows\System32\appraiser.dll
2017-06-03 10:14:27 1214816 ----a-w- C:\Windows\System32\aeinv.dll
2017-06-03 10:14:26 96608 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2017-06-03 10:14:26 544096 ----a-w- C:\Windows\System32\devinv.dll
2017-06-03 10:14:26 334176 ----a-w- C:\Windows\System32\invagent.dll
2017-06-03 10:14:26 233824 ----a-w- C:\Windows\System32\aepic.dll
2017-06-03 10:14:26 136032 ----a-w- C:\Windows\System32\acmigration.dll
2017-06-03 10:14:25 136024 ----a-w- C:\Windows\System32\ImplatSetup.dll
2017-06-03 10:14:23 335712 ----a-w- C:\Windows\System32\dcntel.dll
2017-06-03 10:14:20 34648 ----a-w- C:\Windows\System32\DeviceCensus.exe
2017-06-03 10:11:29 1706488 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2017-06-03 10:11:25 128864 ----a-w- C:\Windows\System32\drivers\tm.sys
2017-06-03 10:09:08 2213760 ----a-w- C:\Windows\System32\KernelBase.dll
2017-06-03 10:08:10 7783256 ----a-w- C:\Windows\System32\ntoskrnl.exe
2017-06-03 10:06:40 2048496 ----a-w- C:\Windows\SysWow64\CoreUIComponents.dll
2017-06-03 10:01:49 2681200 ----a-w- C:\Windows\System32\CoreUIComponents.dll
2017-06-03 09:59:51 764392 ----a-w- C:\Windows\System32\CoreMessaging.dll
2017-06-03 09:59:40 1181024 ----a-w- C:\Windows\System32\drivers\ndis.sys
2017-06-03 09:59:25 118112 ----a-w- C:\Windows\System32\drivers\tdx.sys
2017-06-03 09:58:13 340832 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2017-06-03 09:55:19 780640 ----a-w- C:\Windows\SysWow64\WWAHost.exe
2017-06-03 09:54:24 187232 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2017-06-03 09:53:07 404824 ----a-w- C:\Windows\System32\msv1_0.dll
2017-06-03 09:52:57 1021784 ----a-w- C:\Windows\SysWow64\AppxPackaging.dll
2017-06-03 09:52:38 111968 ----a-w- C:\Windows\SysWow64\NetSetupApi.dll
2017-06-03 09:52:31 607072 ----a-w- C:\Windows\SysWow64\NetSetupEngine.dll
2017-06-03 09:51:09 2187104 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2017-06-03 09:51:02 402272 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2017-06-03 09:50:35 857440 ----a-w- C:\Windows\System32\WWAHost.exe
2017-06-03 09:50:15 381792 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS
2017-06-03 09:49:28 624048 ----a-w- C:\Windows\System32\drivers\cng.sys
2017-06-03 09:49:27 509280 ----a-w- C:\Windows\System32\drivers\storport.sys
2017-06-03 09:48:48 1100128 ----a-w- C:\Windows\System32\hvix64.exe
2017-06-03 09:48:44 1112416 ----a-w- C:\Windows\System32\AppxPackaging.dll
2017-06-03 09:48:39 989024 ----a-w- C:\Windows\System32\hvax64.exe
2017-06-03 09:48:28 857952 ----a-w- C:\Windows\System32\NetSetupEngine.dll
2017-06-03 09:48:26 148832 ----a-w- C:\Windows\System32\NetSetupApi.dll
2017-06-03 09:44:54 1412640 ----a-w- C:\Windows\SysWow64\gdi32full.dll
2017-06-03 09:44:50 545944 ----a-w- C:\Windows\SysWow64\fontdrvhost.exe
2017-06-03 09:44:34 1600624 ----a-w- C:\Windows\System32\sppobjs.dll
2017-06-03 09:40:36 1566552 ----a-w- C:\Windows\System32\gdi32full.dll
2017-06-03 09:40:33 628552 ----a-w- C:\Windows\System32\fontdrvhost.exe
2017-06-03 09:39:35 2532192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2017-06-03 09:39:09 455520 ----a-w- C:\Windows\System32\securekernel.exe
2017-06-03 09:39:04 5686272 ----a-w- C:\Windows\SysWow64\Windows.Data.Pdf.dll
2017-06-03 09:33:14 95232 ----a-w- C:\Windows\SysWow64\UserDataTimeUtil.dll
2017-06-03 09:32:12 2560 ----a-w- C:\Windows\SysWow64\tzres.dll
2017-06-03 09:31:50 37376 ----a-w- C:\Windows\SysWow64\atmlib.dll
2017-06-03 09:31:14 224256 ----a-w- C:\Windows\SysWow64\ExSMime.dll
2017-06-03 09:28:56 232448 ----a-w- C:\Windows\SysWow64\edputil.dll
2017-06-03 09:28:32 285184 ----a-w- C:\Windows\SysWow64\Windows.UI.BlockedShutdown.dll
2017-06-03 09:26:16 231936 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.LockScreen.dll
2017-06-03 09:26:00 100352 ----a-w- C:\Windows\SysWow64\AuthBrokerUI.dll
2017-06-03 09:23:57 306688 ----a-w- C:\Windows\SysWow64\ieproxy.dll
2017-06-03 09:22:56 364544 ----a-w- C:\Windows\SysWow64\NetSetupShim.dll
2017-06-03 09:22:53 181760 ----a-w- C:\Windows\SysWow64\tcpipcfg.dll
2017-06-03 09:22:36 327168 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2017-06-03 09:22:29 7217152 ----a-w- C:\Windows\System32\Windows.Data.Pdf.dll
2017-06-03 09:20:21 755712 ----a-w- C:\Windows\SysWow64\kerberos.dll
2017-06-03 09:19:49 1164288 ----a-w- C:\Windows\SysWow64\certutil.exe
2017-06-03 09:18:28 22569984 ----a-w- C:\Windows\System32\edgehtml.dll
2017-06-03 09:16:30 119808 ----a-w- C:\Windows\System32\UserDataTimeUtil.dll
2017-06-03 09:16:27 709120 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2017-06-03 09:16:24 2560 ----a-w- C:\Windows\System32\tzres.dll
2017-06-03 09:15:41 18364928 ----a-w- C:\Windows\SysWow64\edgehtml.dll
2017-06-03 09:15:38 53248 ----a-w- C:\Windows\System32\musdialoghandlers.dll
2017-06-03 09:15:21 886272 ----a-w- C:\Windows\SysWow64\aadtb.dll
2017-06-03 09:15:20 41472 ----a-w- C:\Windows\System32\drivers\BasicRender.sys
2017-06-03 09:14:44 124416 ----a-w- C:\Windows\System32\mssprxy.dll
2017-06-03 09:14:35 45056 ----a-w- C:\Windows\System32\atmlib.dll
2017-06-03 09:14:18 98304 ----a-w- C:\Windows\System32\MusNotificationUx.exe
2017-06-03 09:14:01 238592 ----a-w- C:\Windows\System32\MusNotification.exe
2017-06-03 09:12:49 27136 ----a-w- C:\Windows\SysWow64\fdProxy.dll
2017-06-03 09:12:28 175104 ----a-w- C:\Windows\System32\wbem\netswitchteamcim.dll
2017-06-03 09:11:56 353792 ----a-w- C:\Windows\System32\cloudAP.dll
2017-06-03 09:10:54 117760 ----a-w- C:\Windows\System32\AuthBrokerUI.dll
2017-06-03 09:10:51 252928 ----a-w- C:\Windows\System32\edputil.dll
2017-06-03 09:10:19 261120 ----a-w- C:\Windows\System32\wbem\ndisimplatcim.dll
2017-06-03 09:10:06 418304 ----a-w- C:\Windows\System32\Windows.UI.BlockedShutdown.dll
2017-06-03 09:09:57 489472 ----a-w- C:\Windows\System32\NetSetupShim.dll
2017-06-03 09:09:50 337408 ----a-w- C:\Windows\System32\NetworkBindingEngineMigPlugin.dll
2017-06-03 09:09:13 441344 ----a-w- C:\Windows\System32\netcorehc.dll
2017-06-03 09:08:28 147456 ----a-w- C:\Windows\System32\winsrv.dll
2017-06-03 09:08:27 691200 ----a-w- C:\Windows\System32\ieproxy.dll
2017-06-03 09:08:25 1221120 ----a-w- C:\Windows\SysWow64\Windows.Media.Audio.dll
2017-06-03 09:08:24 324608 ----a-w- C:\Windows\System32\Windows.ApplicationModel.LockScreen.dll
2017-06-03 09:08:23 2643968 ----a-w- C:\Windows\SysWow64\tquery.dll
2017-06-03 09:07:32 456192 ----a-w- C:\Windows\System32\puiobj.dll
2017-06-03 09:07:14 255488 ----a-w- C:\Windows\System32\HNetCfgClient.dll
2017-06-03 09:06:11 198144 ----a-w- C:\Windows\System32\dpapisrv.dll
2017-06-03 09:06:06 3664384 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-06-03 09:05:25 295424 ----a-w- C:\Windows\SysWow64\hnetcfg.dll
2017-06-03 09:05:10 1883648 ----a-w- C:\Windows\SysWow64\Windows.UI.Logon.dll
2017-06-03 09:04:48 773120 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2017-06-03 09:04:36 6042624 ----a-w- C:\Windows\SysWow64\Chakra.dll
.
============= FINISH: 16:46:07,53 ===============
Debian / W10
Rudy
Site Admin
Příspěvky: 118244 Registrován: 30 říj 2003 13:42Bydliště: Plzeň
Kontaktovat uživatele:
#2
Příspěvek
od Rudy 29 čer 2017 18:31
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum :
https://platba.viry.cz/payment/ .
Navštivte:
e-mail:
rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
pivik
Vzorný návštěvník
Příspěvky: 25 Registrován: 19 dub 2006 19:07
#3
Příspěvek
od pivik 29 čer 2017 18:43
Díky za odpověď, přikládám požadovaný log.
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by Ota (ATTENTION: The user is not administrator) on DEBIAN-LAPTOP-T (29-06-2017 19:41:48)
Running from C:\Users\Ota\Desktop
Loaded Profiles: Otas & Ota (Available Profiles: defaultuser0 & Otas & Ota)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> svchost.exe
Failed to access process -> ibmpmsvc.exe
Failed to access process -> LPlatSvc.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> nvSCPAPISvr.exe
Failed to access process -> nvxdsync.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> SASrv.exe
Failed to access process -> SynTPEnhService.exe
Failed to access process -> mini_WMCore.exe
Failed to access process -> CxAudMsg64.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> dsHttpApiService.exe
Failed to access process -> NisSrv.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Failed to access process -> SearchIndexer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Users\Ota\AppData\Local\Apps\2.0\KQ9EP6DW.OJR\Q436901L.E0G\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> MpCmdRun.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2498368 2015-07-23] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1227410831-555044304-4278492849-1003\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWoW64\nvinit.dll => C:\Windows\SysWoW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0ae6b9dd-a68d-4bc0-94f8-2b845cec1df4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f26d58a-f85d-4aec-8f72-ae7e4eb02916}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1227410831-555044304-4278492849-1001] ATTENTION => Default URLSearchHook is missing
FireFox:
========
FF DefaultProfile: y9iqlxx0.default
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\y9iqlxx0.default [2017-06-29]
FF Homepage: Mozilla\Firefox\Profiles\y9iqlxx0.default -> hxxps://www.seznam.cz/
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\y9iqlxx0.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2017-05-17]
FF Extension: (Adblock Plus) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\y9iqlxx0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [121344 2016-11-10] (Dassault Systèmes) [File not signed]
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711256 2016-11-01] (Lenovo.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
R1 MpKslc14ea01f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1169F8E7-4B54-424B-A45A-FD076C6D5009}\MpKslc14ea01f.sys [44928 2017-06-29] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
R3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-29 19:41 - 2017-06-29 19:42 - 00010404 _____ C:\Users\Ota\Desktop\FRST.txt
2017-06-29 19:41 - 2017-06-29 19:41 - 00000000 ____D C:\FRST
2017-06-29 19:40 - 2017-06-29 19:41 - 02440704 _____ (Farbar) C:\Users\Ota\Desktop\FRST64.exe
2017-06-29 19:05 - 2017-06-29 19:05 - 00001410 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-06-29 16:53 - 2017-06-29 16:53 - 01329152 _____ C:\Users\Ota\Downloads\RSITx64.exe
2017-06-29 16:43 - 2017-06-29 16:45 - 00688992 ____R (Swearware) C:\Users\Ota\Desktop\dds.exe
2017-06-17 13:53 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-06-17 13:53 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-06-17 13:53 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-06-17 13:53 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-06-17 13:53 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-06-17 13:53 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-06-17 13:52 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-06-17 13:52 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-06-17 12:48 - 2017-06-17 12:49 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-17 11:58 - 2017-06-29 16:34 - 00000000 ____D C:\Windows\system32\UNP
2017-06-17 11:58 - 2017-06-29 16:34 - 00000000 ____D C:\Program Files\UNP
2017-06-17 11:54 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-17 11:54 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-17 11:54 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-17 11:54 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-17 11:54 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-17 11:54 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-17 11:54 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-17 11:54 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-17 11:54 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-17 11:54 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-17 11:54 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-17 11:54 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-17 11:54 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-17 11:54 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-17 11:54 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-17 11:54 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-17 11:54 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-17 11:54 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-17 11:54 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-17 11:54 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-17 11:54 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-17 11:54 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-17 11:54 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-17 11:54 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-17 11:54 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-17 11:54 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-17 11:54 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-17 11:54 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-17 11:54 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-17 11:54 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-17 11:54 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-17 11:54 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-17 11:54 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-17 11:54 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-17 11:54 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-17 11:53 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-17 11:53 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-17 11:53 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-17 11:53 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-17 11:53 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-17 11:53 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-17 11:53 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-17 11:53 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-17 11:53 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-17 11:53 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-17 11:53 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-17 11:53 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-17 11:53 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-17 11:53 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-17 11:53 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-17 11:53 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-17 11:53 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-17 11:53 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-17 11:53 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-17 11:53 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-17 11:53 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-17 11:53 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-17 11:53 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-17 11:53 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-17 11:53 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-17 11:53 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-17 11:53 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-17 11:53 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-17 11:53 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-17 11:53 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-17 11:53 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-17 11:53 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-17 11:53 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-17 11:53 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-17 11:53 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-17 11:53 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-17 11:53 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-17 11:53 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-17 11:53 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-17 11:53 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-17 11:53 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-17 11:53 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-17 11:53 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-17 11:53 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-17 11:53 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-17 11:53 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-17 11:53 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-17 11:53 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-17 11:53 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-17 11:53 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-17 11:53 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-17 11:53 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-17 11:53 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-17 11:53 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-17 11:53 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-17 11:53 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-17 11:53 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-17 11:53 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-17 11:53 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-17 11:53 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-17 11:53 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-17 11:53 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-29 19:39 - 2017-02-03 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-29 19:16 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-29 16:53 - 2017-02-05 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 16:46 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-06-29 16:41 - 2017-02-05 15:39 - 00000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2017-06-29 16:41 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-29 16:41 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-06-29 16:36 - 2017-02-03 10:44 - 07401520 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-29 16:36 - 2016-07-17 00:25 - 03524866 _____ C:\Windows\system32\perfh005.dat
2017-06-29 16:36 - 2016-07-17 00:25 - 00997840 _____ C:\Windows\system32\perfc005.dat
2017-06-29 16:32 - 2017-02-03 10:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-29 16:32 - 2017-02-03 10:32 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-24 16:58 - 2017-02-05 15:37 - 00000000 ____D C:\Users\Ota
2017-06-20 16:56 - 2017-02-05 15:38 - 00002381 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 16:56 - 2017-02-05 15:38 - 00000000 ___RD C:\Users\Ota\OneDrive
2017-06-17 13:57 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-17 12:52 - 2017-02-03 10:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-17 12:50 - 2017-02-03 10:32 - 00268512 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-17 12:15 - 2017-02-03 11:54 - 00000000 ____D C:\Windows\system32\MRT
2017-06-17 12:11 - 2017-02-03 11:54 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-10 17:04 - 2017-02-05 15:38 - 00000000 ____D C:\Users\Ota\AppData\Roaming\doublecmd
2017-06-08 13:33 - 2017-02-05 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 08:45 - 2017-02-03 11:55 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2017-02-14 18:16 - 2017-02-14 18:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================Debian / W10
Rudy
Site Admin
Příspěvky: 118244 Registrován: 30 říj 2003 13:42Bydliště: Plzeň
Kontaktovat uživatele:
#4
Příspěvek
od Rudy 29 čer 2017 19:35
FRST hlásí, že neběží pod účtem s admin právy. S takovým logem nelze nic dělat. Přihlaste se pod účtem s plnými právy a dejte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum :
https://platba.viry.cz/payment/ .
Navštivte:
e-mail:
rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
pivik
Vzorný návštěvník
Příspěvky: 25 Registrován: 19 dub 2006 19:07
#5
Příspěvek
od pivik 30 čer 2017 16:23
Zde je log pod správcem
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
Ran by Otas (administrator) on DEBIAN-LAPTOP-T (30-06-2017 15:21:12)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Otas (Available Profiles: defaultuser0 & Otas & Ota)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2498368 2015-07-23] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1227410831-555044304-4278492849-1001\...\RunOnce: [Uninstall 17.3.6799.0327\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64"
HKU\S-1-5-21-1227410831-555044304-4278492849-1001\...\RunOnce: [Uninstall 17.3.6799.0327] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\17.3.6799.0327"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWoW64\nvinit.dll => C:\Windows\SysWoW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0ae6b9dd-a68d-4bc0-94f8-2b845cec1df4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f26d58a-f85d-4aec-8f72-ae7e4eb02916}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
FireFox:
========
FF DefaultProfile: usrg6hu6.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\usrg6hu6.default [2017-06-30]
FF Homepage: Mozilla\Firefox\Profiles\usrg6hu6.default -> hxxps://www.seznam.cz/
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [121344 2016-11-10] (Dassault Systèmes) [File not signed]
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711256 2016-11-01] (Lenovo.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB)
R3 l36wgps; C:\Windows\system32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\system32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\system32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\system32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)
R3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [26880 2016-07-11] (TPMX Electronics Ltd.)
R3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [33048 2016-07-11] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WwanUsbServ; C:\Windows\System32\drivers\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-30 15:21 - 2017-06-30 15:21 - 00008609 _____ C:\Users\Lenovo\Desktop\FRST.txt
2017-06-30 15:19 - 2017-06-30 15:21 - 02440704 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2017-06-30 15:16 - 2017-06-30 15:16 - 00001410 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-06-29 19:42 - 2017-06-29 19:42 - 00017482 _____ C:\Users\Ota\Desktop\Addition.txt
2017-06-29 19:41 - 2017-06-30 15:21 - 00000000 ____D C:\FRST
2017-06-29 19:41 - 2017-06-29 19:42 - 00032047 _____ C:\Users\Ota\Desktop\FRST.txt
2017-06-29 19:40 - 2017-06-29 19:41 - 02440704 _____ (Farbar) C:\Users\Ota\Desktop\FRST64.exe
2017-06-29 19:05 - 2017-06-29 19:05 - 00001410 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-06-29 16:53 - 2017-06-29 16:53 - 01329152 _____ C:\Users\Ota\Downloads\RSITx64.exe
2017-06-29 16:46 - 2017-06-29 16:46 - 00033060 _____ C:\Users\Lenovo\Desktop\dds.txt
2017-06-29 16:46 - 2017-06-29 16:46 - 00001733 _____ C:\Users\Lenovo\Desktop\attach.txt
2017-06-29 16:43 - 2017-06-29 16:45 - 00688992 ____R (Swearware) C:\Users\Ota\Desktop\dds.exe
2017-06-17 13:53 - 2017-04-21 23:53 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2017-06-17 13:53 - 2017-04-21 23:53 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2017-06-17 13:53 - 2017-04-21 23:50 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-06-17 13:53 - 2017-04-21 23:50 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-06-17 13:53 - 2017-04-11 20:27 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-06-17 13:53 - 2017-03-15 20:15 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2017-06-17 13:52 - 2017-04-11 20:27 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-06-17 13:52 - 2017-03-15 20:15 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2017-06-17 12:48 - 2017-06-17 12:49 - 00000000 ___SD C:\Windows\UpdateAssistantV2
2017-06-17 11:58 - 2017-06-29 16:34 - 00000000 ____D C:\Windows\system32\UNP
2017-06-17 11:58 - 2017-06-29 16:34 - 00000000 ____D C:\Program Files\UNP
2017-06-17 11:54 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-17 11:54 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-06-17 11:54 - 2017-06-03 12:06 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-06-17 11:54 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-17 11:54 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-06-17 11:54 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-06-17 11:54 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2017-06-17 11:54 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2017-06-17 11:54 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2017-06-17 11:54 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2017-06-17 11:54 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-17 11:54 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-06-17 11:54 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-06-17 11:54 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-17 11:54 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-06-17 11:54 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-06-17 11:54 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-17 11:54 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-17 11:54 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-17 11:54 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2017-06-17 11:54 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2017-06-17 11:54 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-17 11:54 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-06-17 11:54 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2017-06-17 11:54 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-06-17 11:54 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-06-17 11:54 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-17 11:54 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2017-06-17 11:54 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-06-17 11:54 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll
2017-06-17 11:54 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-17 11:54 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-17 11:54 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-17 11:54 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-06-17 11:54 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-06-17 11:54 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2017-06-17 11:53 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-06-17 11:53 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-06-17 11:53 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-06-17 11:53 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-17 11:53 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-17 11:53 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-17 11:53 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-17 11:53 - 2017-06-03 12:01 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll
2017-06-17 11:53 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-06-17 11:53 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-06-17 11:53 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-17 11:53 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-17 11:53 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-06-17 11:53 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-06-17 11:53 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-06-17 11:53 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-06-17 11:53 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-06-17 11:53 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2017-06-17 11:53 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-06-17 11:53 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-06-17 11:53 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2017-06-17 11:53 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2017-06-17 11:53 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-17 11:53 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-06-17 11:53 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-06-17 11:53 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-06-17 11:53 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-06-17 11:53 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2017-06-17 11:53 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-06-17 11:53 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2017-06-17 11:53 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-06-17 11:53 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-17 11:53 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-06-17 11:53 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-06-17 11:53 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-06-17 11:53 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2017-06-17 11:53 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-06-17 11:53 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-17 11:53 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2017-06-17 11:53 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-17 11:53 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll
2017-06-17 11:53 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2017-06-17 11:53 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2017-06-17 11:53 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-17 11:53 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-06-17 11:53 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll
2017-06-17 11:53 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-17 11:53 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-17 11:53 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-06-17 11:53 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-17 11:53 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-06-17 11:53 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-17 11:53 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2017-06-17 11:53 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-17 11:53 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2017-06-17 11:53 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-06-17 11:53 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-17 11:53 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-06-17 11:53 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-06-17 11:53 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2017-06-17 11:53 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-17 11:53 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-06-17 11:53 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-17 11:53 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-06-17 11:53 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-17 11:53 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-17 11:53 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-06-17 11:53 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-06-17 11:53 - 2017-06-03 08:08 - 00080078 _____ C:\Windows\system32\normidna.nls
2017-06-17 11:53 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-06-17 11:53 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-30 15:17 - 2017-02-05 14:26 - 00000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2017-06-30 15:17 - 2017-02-03 10:44 - 00003288 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-30 15:17 - 2017-02-03 10:43 - 00002390 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-30 15:17 - 2017-02-03 10:43 - 00000000 ___RD C:\Users\Lenovo\OneDrive
2017-06-30 15:16 - 2017-02-03 10:40 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-30 15:16 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-30 15:16 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\AppReadiness
2017-06-30 15:15 - 2017-02-03 10:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-30 15:15 - 2017-02-03 10:32 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-29 21:12 - 2017-02-05 15:39 - 00000000 ____D C:\Users\Ota\AppData\LocalLow\Mozilla
2017-06-29 21:12 - 2016-07-16 08:04 - 00786432 _____ C:\Windows\system32\config\BBI
2017-06-29 21:11 - 2017-02-03 10:32 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-06-29 19:16 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\rescache
2017-06-29 16:53 - 2017-02-05 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 16:46 - 2016-07-16 13:45 - 00000000 ____D C:\Windows\INF
2017-06-29 16:36 - 2017-02-03 10:44 - 07401520 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-29 16:36 - 2016-07-17 00:25 - 03524866 _____ C:\Windows\system32\perfh005.dat
2017-06-29 16:36 - 2016-07-17 00:25 - 00997840 _____ C:\Windows\system32\perfc005.dat
2017-06-24 16:58 - 2017-02-05 15:37 - 00000000 ____D C:\Users\Ota
2017-06-20 16:56 - 2017-02-05 15:38 - 00002381 _____ C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-20 16:56 - 2017-02-05 15:38 - 00000000 ___RD C:\Users\Ota\OneDrive
2017-06-17 13:57 - 2016-07-16 13:36 - 00000000 ____D C:\Windows\CbsTemp
2017-06-17 12:50 - 2017-02-03 10:32 - 00268512 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2017-06-17 12:48 - 2016-07-16 13:47 - 00000000 ____D C:\Windows\ShellExperiences
2017-06-17 12:15 - 2017-02-03 11:54 - 00000000 ____D C:\Windows\system32\MRT
2017-06-17 12:11 - 2017-02-03 11:54 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-10 17:04 - 2017-02-05 15:38 - 00000000 ____D C:\Users\Ota\AppData\Roaming\doublecmd
2017-06-08 13:33 - 2017-02-05 14:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-01 08:45 - 2017-02-03 11:55 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2017-02-10 19:50 - 2017-02-10 19:50 - 0007602 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2017-02-14 18:16 - 2017-02-14 18:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-29 19:05
==================== End of FRST.txt ============================Debian / W10
Rudy
Site Admin
Příspěvky: 118244 Registrován: 30 říj 2003 13:42Bydliště: Plzeň
Kontaktovat uživatele:
#6
Příspěvek
od Rudy 30 čer 2017 17:54
Otevřte poznámkový blok a zkopírujte do něj:
Start
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum :
https://platba.viry.cz/payment/ .
Navštivte:
e-mail:
rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
pivik
Vzorný návštěvník
Příspěvky: 25 Registrován: 19 dub 2006 19:07
#7
Příspěvek
od pivik 01 črc 2017 10:28
Zde je log. Laptop se automaticky restartoval, snad to tak má být.
Kód: Vybrat vše
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Otas (01-07-2017 09:24:48) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Otas (Available Profiles: defaultuser0 & Otas & Ota)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6327676 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 834283 B
Edge => 1462833 B
Chrome => 0 B
Firefox => 147875954 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 439156 B
defaultuser0 => 7168 B
Lenovo => 145679 B
Ota => 70901 B
RecycleBin => 1332 B
EmptyTemp: => 155.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:24:55 ====Debian / W10
Rudy
Site Admin
Příspěvky: 118244 Registrován: 30 říj 2003 13:42Bydliště: Plzeň
Kontaktovat uživatele:
#8
Příspěvek
od Rudy 01 črc 2017 11:21
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum :
https://platba.viry.cz/payment/ .
Navštivte:
e-mail:
rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
pivik
Vzorný návštěvník
Příspěvky: 25 Registrován: 19 dub 2006 19:07
#9
Příspěvek
od pivik 19 srp 2017 16:11
Omlouvám se, dostal jsem se k tomu až nyní. Zdá se to lepší, ale mám další dotaz. Je normálí, že W10 po půl roce skoro nepoužívání zbírají 600GB?
Debian / W10
Rudy
Site Admin
Příspěvky: 118244 Registrován: 30 říj 2003 13:42Bydliště: Plzeň
Kontaktovat uživatele:
#10
Příspěvek
od Rudy 19 srp 2017 17:28
600GB je docela hodně, nicměně, čím novější OS, tím objemnější. Jeho velikost narůstá s každou aktualizací.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum :
https://platba.viry.cz/payment/ .
Navštivte:
e-mail:
rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?