Právě je 19 lis 2017 02:15

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z RSIT [návod zde] nebo FRST [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Odpovědět na téma  [ Příspěvků: 12 ] 
Autor Zpráva
 Předmět příspěvku: zavirováno
PříspěvekNapsal: 06 říj 2017 11:27 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
prosím opět o pomoc.
Neustále mi v Chromu vyskakují různá okna, NOD hlásí zablokování webundstop, různých trojských koňů atd.
Chtěla jsem spustit Adwcleaner ale hlásí mi to že soft. vydavatele byl zablokován a nesmí být spuštěn. Co s tím vším?


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 06 říj 2017 12:30 
Offline
Moderátor
Moderátor

Registrován: 05 pro 2009 20:08
Příspěvky: 21607
Bydliště: Ostrava
Zdravim :)

Nejprve dejte log z FRST https://forum.viry.cz/viewtopic.php?f=13&t=152707

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 06 říj 2017 12:38 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2017 01
Ran by Líba (administrator) on DESKTOP-B7MNK66 (06-10-2017 13:35:38)
Running from C:\Users\Líba\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Pro Version 1511 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TODO: <Company name>) C:\Disk\WebService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(TODO: <Company name>) C:\Disk\WEBSER~1.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(forum.viry.cz) C:\Users\Líba\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [egui] => cmd /c /q ""C:\Program Files\ESET\ESET Security\ecmd.exe"" "/launch /hide"
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] ()
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [bbqskugrdz1] => "C:\Users\Líba\AppData\Roaming\m2b4lp5a3py\qyzcha4eu34.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [7X1LS8QYZ6UJNIW] => "C:\Program Files\7U7TRGECCX\7U7TRGECC.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [iud3n1tqz45] => "C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn\1rwfu4rgpr5.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [st5s03echcg] => "C:\Users\Líba\AppData\Roaming\o2vmp42dmwv\fukpsqgxefj.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [sl1lavbyefn] => "C:\Users\Líba\AppData\Roaming\bvskreypyxn\lhuos2op3qi.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [YQYGSRJL7OKDL0V] => "C:\Program Files\GC7L3SEWVN\R1KAI1FMB.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [TWU27P2S5ABJBL0] => "C:\Program Files\KGGZZPL3AX\KGGZZPL3A.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {06b6e035-a4ed-11e7-b2c0-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {2bb42d05-8cad-11e7-b2ba-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {b604e5c2-8997-11e7-b2b5-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {e4d9eec3-8c27-11e7-b2ba-90004ef5ab17} - "D:\Autoplay.exe" -auto
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\ProgramData\DreamScreen\DreamScreen.scr
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Users\Líba\AppData\Roaming\tmp546.dat -> No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-306088123-3753404819-704058302-1001] => hxxp://webunstop.net/wpad.dat?fdf7fb351 ... a335892267
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{56c58440-6198-4fd4-bf2d-81b888fdebfc}: [DhcpNameServer] 213.46.172.37 213.46.172.36
ManualProxies: 0hxxp://webunstop.net/wpad.dat?fdf7fb351d63b6824083aa1bc493efa335892267

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-306088123-3753404819-704058302-1001 -> {DE012DD2-5B5D-4011-A2C3-BF79BC0BA7AE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-25] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-25] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-09-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html", Not-active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://search.randomwalktab.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Random Walk Shapes
CHR DefaultSuggestURL: Default -> hxxps://randomwalktab.com/suggestions.php?q={searchTerms}
CHR Profile: C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default [2017-10-06]
CHR Extension: (Prezentace Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-28]
CHR Extension: (Dokumenty Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-28]
CHR Extension: (Disk Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-28]
CHR Extension: (YouTube) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-28]
CHR Extension: (Adblock Plus) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-11]
CHR Extension: (Tabulky Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-28]
CHR Extension: (Speed Dial 2 - New tab) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2017-08-28]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2017-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-28]
CHR Extension: (Gmail) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjcngoneogjbkdakodemfopgkkncoll] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1933872 2017-09-22] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-08-25] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-09-05] (Microsoft Corporation)
S2 AdsService; C:\Users\Líba\AppData\Local\AdService\AdService.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [133360 2017-07-25] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15392 2017-07-25] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180096 2017-09-19] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [106312 2017-09-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-01] ()
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 wfcre; C:\Windows\System32\drivers\wfcre.sys [124288 2017-07-04] ()
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 13:33 - 2017-10-06 13:36 - 000023739 _____ C:\Users\Líba\Desktop\FRST.txt
2017-10-06 13:31 - 2017-10-06 13:33 - 000000000 ____D C:\FRST
2017-10-06 13:30 - 2017-10-06 13:30 - 000112640 _____ (forum.viry.cz) C:\Users\Líba\Desktop\FRSTLauncher.exe
2017-10-06 13:30 - 2017-10-06 13:29 - 002399744 _____ (Farbar) C:\Users\Líba\Desktop\FRST64.exe
2017-10-06 09:28 - 2017-10-06 13:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-10-05 22:50 - 2017-10-05 22:47 - 008250832 _____ (Malwarebytes) C:\Users\Líba\Desktop\adwcleaner_7.0.3.1.exe
2017-10-04 12:25 - 2017-10-04 12:25 - 000037682 _____ C:\Users\Líba\Downloads\MS_Humanic_Brnenska_Hradec Kralove_260917_dotazník6.pdf
2017-10-03 18:27 - 2017-10-03 18:27 - 000679857 _____ C:\Users\Líba\Downloads\891-objednavkovy-formular-a4-2016-04-interaktivni1.pdf
2017-10-03 18:21 - 2017-10-03 18:26 - 000679857 _____ C:\Users\Líba\Downloads\891-objednavkovy-formular-a4-2016-04-interaktivni.pdf
2017-10-03 16:41 - 2017-10-03 16:41 - 000001550 _____ C:\Windows\Tasks\VB Checkbow Tabs.job
2017-10-03 16:33 - 2017-10-03 16:34 - 000000085 _____ C:\Windows\wininit.ini
2017-10-03 15:52 - 2017-10-03 15:52 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2017-10-03 15:51 - 2017-10-03 16:34 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-03 15:51 - 2017-10-03 15:51 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-10-03 15:50 - 2017-10-03 16:41 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-10-03 07:09 - 2017-10-03 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-10-03 07:09 - 2017-10-03 07:09 - 000000000 ____D C:\ProgramData\ESET
2017-10-02 23:12 - 2017-10-02 23:12 - 000000000 _____ C:\Windows\system32\Drivers\4F266BB8.sys
2017-10-02 23:03 - 2017-10-02 23:03 - 000000000 _____ C:\Windows\system32\Drivers\1ADF64B3.sys
2017-10-02 20:10 - 2017-10-02 20:10 - 000000000 _____ C:\Windows\system32\Drivers\026D606F.sys
2017-10-02 19:56 - 2017-10-02 19:56 - 000000000 _____ C:\Windows\system32\Drivers\3E3855B8.sys
2017-10-02 19:54 - 2017-10-02 19:54 - 000000000 _____ C:\Windows\system32\Drivers\35CE5447.sys
2017-10-02 19:51 - 2017-10-02 19:51 - 000000000 _____ C:\Windows\system32\Drivers\305551FB.sys
2017-10-01 21:27 - 2017-10-01 21:38 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-01 18:59 - 2017-10-03 06:40 - 000000000 ____D C:\Program Files\Plumbytes Software
2017-10-01 18:59 - 2017-10-01 19:43 - 000000000 ____D C:\Users\Líba\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2017-10-01 18:48 - 2017-10-01 18:48 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamCompress
2017-10-01 18:28 - 2017-10-01 18:28 - 000000270 __RSH C:\Users\Líba\ntuser.pol
2017-10-01 18:25 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\KGGZZPL3AX
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\GC7L3SEWVN
2017-10-01 18:25 - 2017-10-02 20:36 - 000000000 ____D C:\ProgramData\DreamScreen
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\bvskreypyxn
2017-10-01 18:25 - 2017-10-01 18:56 - 000000000 ____D C:\Users\Líba\AppData\Roaming\System Healer
2017-10-01 18:25 - 2017-10-01 18:25 - 000003434 _____ C:\Windows\System32\Tasks\SystemHealer Monitor
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamScreen
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\ProgramData\CupCheck
2017-10-01 18:24 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-10-01 18:24 - 2017-10-03 07:21 - 000000000 ____D C:\Program Files\7U7TRGECCX
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
2017-10-01 18:23 - 2017-10-01 18:23 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Macromedia
2017-10-01 18:22 - 2017-10-03 07:23 - 000016834 _____ C:\Windows\System32\Tasks\VB Checkbow Tabs
2017-10-01 18:22 - 2017-10-03 06:37 - 000000000 ____D C:\Disk
2017-10-01 18:22 - 2017-10-01 18:22 - 000003324 _____ C:\Windows\System32\Tasks\LaCieS
2017-10-01 18:22 - 2017-10-01 18:22 - 000000000 ____D C:\Windat
2017-10-01 18:20 - 2017-10-01 18:20 - 000002360 __RSH C:\ProgramData\ntuser.pol
2017-10-01 18:20 - 2017-10-01 18:20 - 000000000 ____D C:\ProgramData\33e6433c-4925-0
2017-10-01 18:20 - 2017-10-01 18:20 - 000000000 ____D C:\ProgramData\33e6433c-2cf1-1
2017-10-01 18:15 - 2017-10-01 18:15 - 000000000 ____D C:\ProgramData\Microleaves
2017-10-01 18:14 - 2017-10-02 15:39 - 000000000 ____D C:\Applications
2017-10-01 18:14 - 2017-10-01 18:14 - 000003346 _____ C:\Windows\System32\Tasks\ShadowsocksS
2017-10-01 18:14 - 2017-10-01 18:14 - 000000000 ____D C:\WinSys
2017-10-01 18:13 - 2017-10-03 16:05 - 000000000 ____D C:\Users\Líba\AppData\Local\AdService
2017-10-01 18:13 - 2017-10-01 18:13 - 000140800 _____ C:\Users\Líba\AppData\Local\installer.dat
2017-10-01 18:13 - 2017-10-01 18:13 - 000011568 _____ C:\Users\Líba\AppData\Local\InstallationConfiguration.xml
2017-10-01 18:13 - 2017-10-01 18:13 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G3.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G2.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G1.job
2017-10-01 18:12 - 2017-10-06 10:21 - 000000414 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-10-01 18:12 - 2017-10-01 18:18 - 000003308 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G3
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G2
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G1
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microleaves
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Local\AdvinstAnalytics
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Program Files (x86)\Microleaves
2017-10-01 16:33 - 2017-10-01 18:47 - 000000150 _____ C:\Windows\Reimage.ini
2017-09-30 12:39 - 2017-09-30 12:39 - 000000000 ____D C:\Windows\UpdateAssistant
2017-09-29 10:59 - 2017-09-29 11:00 - 000141941 _____ C:\Users\Líba\Downloads\nabídka1.pdf
2017-09-29 10:25 - 2017-09-29 09:18 - 000019266 _____ C:\Users\Líba\Downloads\Seznam vrácených e-mailů msv 2017.xlsx
2017-09-26 18:50 - 2017-09-26 18:50 - 000618214 _____ C:\Users\Líba\Downloads\humanic_dotazník.pdf
2017-09-25 13:37 - 2017-09-25 13:37 - 000000000 ____D C:\Users\Líba\AppData\Local\Microsoft Help
2017-09-19 19:25 - 2017-09-19 19:25 - 001852615 _____ C:\Users\Líba\Desktop\Samolepky-pro-kořenky_Bez-vepsaných-názvů-kořenek-a-zavařenin.pdf
2017-09-19 19:25 - 2017-09-19 19:25 - 001658615 _____ C:\Users\Líba\Desktop\Samolepky-pro-kořenky_S-oranžovým-hrncem-na-bílém-pozadí-bez-názvů-kořenek-a-zavařenin.pdf
2017-09-19 19:24 - 2017-09-19 19:24 - 016293585 _____ C:\Users\Líba\Desktop\samolepky na koření.pdf
2017-09-19 19:24 - 2017-09-19 19:24 - 001539223 _____ C:\Users\Líba\Desktop\samolepky na koření 1.pdf
2017-09-19 10:05 - 2017-09-19 10:05 - 000180096 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2017-09-19 10:05 - 2017-09-19 10:05 - 000106312 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2017-09-18 14:48 - 2017-09-18 15:41 - 000098304 _____ C:\Users\Líba\Desktop\LV-Neobdělávané firmy od 01 16 (2).xls
2017-09-18 14:48 - 2017-09-18 14:48 - 000000000 ____D C:\Users\Líba\Documents\Vlastní šablony Office
2017-09-18 11:12 - 2017-09-18 11:18 - 000000000 ____D C:\Program Files\VueScan
2017-09-18 11:12 - 2017-09-18 11:12 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-09-18 11:12 - 2017-09-18 11:12 - 000001038 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-09-18 10:49 - 2017-09-18 10:50 - 000000000 ____D C:\Users\Líba\AppData\Roaming\NAPS2
2017-09-18 10:02 - 2017-09-18 11:12 - 000000000 ____D C:\Windows\twain_64
2017-09-18 09:55 - 2017-09-18 09:55 - 000000000 ___RD C:\Users\Líba\Documents\Scanned Documents
2017-09-18 09:55 - 2017-09-18 09:55 - 000000000 ____D C:\Users\Líba\Documents\Fax
2017-09-18 07:26 - 2017-09-18 07:26 - 000174080 _____ C:\Users\Líba\Downloads\LV-Neobdělávané firmy od 01 16 (2).xls
2017-09-17 18:21 - 2017-09-17 18:21 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2017-09-17 18:21 - 2017-09-17 18:21 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2017-09-17 18:21 - 2017-09-17 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-09-13 16:41 - 2017-09-05 07:00 - 000190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-09-13 16:41 - 2017-09-05 06:57 - 000541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-09-13 16:41 - 2017-09-05 06:48 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-13 16:41 - 2017-09-05 06:37 - 000667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 16:41 - 2017-09-05 06:20 - 001123328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-13 16:41 - 2017-09-05 06:19 - 000314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-09-13 16:41 - 2017-09-05 06:18 - 002102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2017-09-13 16:41 - 2017-09-05 06:06 - 004759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-13 16:41 - 2017-06-17 07:56 - 001984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-09-13 16:41 - 2017-06-03 11:44 - 000760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-09-13 16:41 - 2016-09-07 06:31 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-09-13 16:41 - 2016-09-07 06:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-09-13 16:40 - 2017-09-05 11:07 - 000994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-09-13 16:40 - 2017-09-05 09:56 - 001552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-09-13 16:40 - 2017-09-05 09:51 - 000808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-13 16:40 - 2017-09-05 09:45 - 006536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-09-13 16:40 - 2017-09-05 09:20 - 000845568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2017-09-13 16:40 - 2017-09-05 09:19 - 001862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-13 16:40 - 2017-09-05 09:19 - 001542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 16:40 - 2017-09-05 09:11 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-09-13 16:40 - 2017-09-05 09:11 - 000035624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-13 16:40 - 2017-09-05 08:47 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\genericusbfn.sys
2017-09-13 16:40 - 2017-09-05 08:38 - 001349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-09-13 16:40 - 2017-09-05 08:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2017-09-13 16:40 - 2017-09-05 08:32 - 002946672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 16:40 - 2017-09-05 08:32 - 000703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-13 16:40 - 2017-09-05 08:29 - 021123832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 16:40 - 2017-09-05 08:29 - 005240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-13 16:40 - 2017-09-05 08:29 - 000465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-09-13 16:40 - 2017-09-05 08:26 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-09-13 16:40 - 2017-09-05 08:23 - 000174944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-09-13 16:40 - 2017-09-05 08:14 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2017-09-13 16:40 - 2017-09-05 08:06 - 000546968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-13 16:40 - 2017-09-05 08:06 - 000262496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-13 16:40 - 2017-09-05 08:05 - 000540280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 001523184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 001368176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 000335248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 000141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-13 16:40 - 2017-09-05 08:01 - 000727552 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-13 16:40 - 2017-09-05 07:54 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 16:40 - 2017-09-05 07:48 - 000320000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-13 16:40 - 2017-09-05 07:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-13 16:40 - 2017-09-05 07:37 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-13 16:40 - 2017-09-05 07:30 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-13 16:40 - 2017-09-05 07:19 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-13 16:40 - 2017-09-05 07:15 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-09-13 16:40 - 2017-09-05 07:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-13 16:40 - 2017-09-05 07:13 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-09-13 16:40 - 2017-09-05 07:12 - 000256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-09-13 16:40 - 2017-09-05 07:11 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-13 16:40 - 2017-09-05 07:11 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-09-13 16:40 - 2017-09-05 07:10 - 002279936 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-13 16:40 - 2017-09-05 07:09 - 000310784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 16:40 - 2017-09-05 07:08 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-09-13 16:40 - 2017-09-05 07:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-09-13 16:40 - 2017-09-05 07:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-13 16:40 - 2017-09-05 07:02 - 000461312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-09-13 16:40 - 2017-09-05 07:02 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-09-13 16:40 - 2017-09-05 07:01 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 16:40 - 2017-09-05 07:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-09-13 16:40 - 2017-09-05 06:55 - 000576000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-13 16:40 - 2017-09-05 06:53 - 000395776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-13 16:40 - 2017-09-05 06:53 - 000238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-09-13 16:40 - 2017-09-05 06:52 - 000705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-13 16:40 - 2017-09-05 06:52 - 000250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-09-13 16:40 - 2017-09-05 06:51 - 000401920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-13 16:40 - 2017-09-05 06:48 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-09-13 16:40 - 2017-09-05 06:47 - 000788992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-13 16:40 - 2017-09-05 06:46 - 000400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-09-13 16:40 - 2017-09-05 06:45 - 001151488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-09-13 16:40 - 2017-09-05 06:45 - 000241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-13 16:40 - 2017-09-05 06:41 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-13 16:40 - 2017-09-05 06:40 - 000805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-09-13 16:40 - 2017-09-05 06:38 - 003695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 16:40 - 2017-09-05 06:37 - 000764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2017-09-13 16:40 - 2017-09-05 06:36 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-09-13 16:40 - 2017-09-05 06:23 - 004078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-13 16:40 - 2017-09-05 06:20 - 002911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-09-13 16:40 - 2017-09-05 06:19 - 007536128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-13 16:40 - 2017-09-05 06:16 - 001626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-09-13 16:40 - 2017-09-05 06:16 - 001501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 16:40 - 2017-09-05 06:15 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-13 16:40 - 2017-09-05 06:13 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 004412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 003053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 002680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-09-13 16:40 - 2017-09-05 06:11 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-13 16:40 - 2017-09-05 06:11 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 16:40 - 2017-09-05 06:10 - 006296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-09-13 16:40 - 2017-09-05 06:10 - 001799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-09-13 16:40 - 2017-09-05 06:07 - 003574272 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-13 16:40 - 2017-09-05 06:04 - 005205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-09-13 16:40 - 2017-09-05 05:55 - 002770432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-09-13 16:40 - 2017-09-05 05:51 - 004404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-09-13 16:40 - 2017-09-05 05:48 - 005327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 16:40 - 2017-09-05 05:48 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-13 16:40 - 2017-09-05 05:44 - 006742528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-13 16:40 - 2017-09-05 05:44 - 002604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-09-13 16:40 - 2017-09-05 05:39 - 002632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-09-13 16:40 - 2017-09-05 05:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-13 16:39 - 2017-09-05 11:32 - 001997840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 16:39 - 2017-09-05 11:32 - 001098648 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-13 16:39 - 2017-09-05 11:11 - 000042928 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-13 16:39 - 2017-09-05 10:40 - 003449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-09-13 16:39 - 2017-09-05 09:57 - 000245848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-13 16:39 - 2017-09-05 09:47 - 022560232 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 16:39 - 2017-09-05 09:47 - 006605000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-13 16:39 - 2017-09-05 09:19 - 001558288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-13 16:39 - 2017-09-05 09:05 - 000388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-13 16:39 - 2017-09-05 08:59 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-13 16:39 - 2017-09-05 08:46 - 000824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-13 16:39 - 2017-09-05 08:34 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 16:39 - 2017-09-05 08:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 16:39 - 2017-09-05 08:28 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 16:39 - 2017-09-05 08:27 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-13 16:39 - 2017-09-05 08:24 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 16:39 - 2017-09-05 08:22 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2017-09-13 16:39 - 2017-09-05 08:19 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 16:39 - 2017-09-05 08:19 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 16:39 - 2017-09-05 08:17 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 16:39 - 2017-09-05 08:17 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-13 16:39 - 2017-09-05 08:11 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-09-13 16:39 - 2017-09-05 08:10 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-13 16:39 - 2017-09-05 08:04 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-09-13 16:39 - 2017-09-05 07:57 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-13 16:39 - 2017-09-05 07:57 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-09-13 16:39 - 2017-09-05 07:56 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-13 16:39 - 2017-09-05 07:52 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-13 16:39 - 2017-09-05 07:52 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-09-13 16:39 - 2017-09-05 07:44 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 16:39 - 2017-09-05 07:42 - 001752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 16:39 - 2017-09-05 07:41 - 000961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-09-13 16:39 - 2017-09-05 07:31 - 000572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-13 16:39 - 2017-09-05 07:30 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-13 16:39 - 2017-09-05 07:28 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-09-13 16:39 - 2017-09-05 07:18 - 005123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-13 16:39 - 2017-09-05 07:17 - 001122816 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 16:39 - 2017-09-05 07:05 - 003405312 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 16:39 - 2017-09-05 07:04 - 000083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 16:39 - 2017-09-05 07:03 - 007977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-09-13 16:39 - 2017-09-05 06:44 - 007200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-09-13 16:39 - 2017-09-05 06:42 - 000957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-09-13 16:39 - 2017-09-05 06:40 - 001526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-13 16:39 - 2017-09-05 05:48 - 019346432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 16:39 - 2017-09-05 05:48 - 018675200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-13 16:39 - 2016-10-25 07:42 - 002876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2017-09-13 16:38 - 2017-09-05 11:34 - 001030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-13 16:38 - 2017-09-05 11:31 - 007463776 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 16:38 - 2017-09-05 11:31 - 002656960 _____ C:\Windows\system32\CoreUIComponents.dll
2017-09-13 16:38 - 2017-09-05 11:29 - 001819208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 16:38 - 2017-09-05 11:27 - 000754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-13 16:38 - 2017-09-05 11:14 - 001637216 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-13 16:38 - 2017-09-05 09:51 - 003700816 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 16:38 - 2017-09-05 09:48 - 000566112 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-09-13 16:38 - 2017-09-05 09:46 - 001540216 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-13 16:38 - 2017-09-05 09:46 - 000692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-09-13 16:38 - 2017-09-05 09:45 - 001128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-09-13 16:38 - 2017-09-05 09:44 - 000625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-13 16:38 - 2017-09-05 09:44 - 000609056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-09-13 16:38 - 2017-09-05 09:44 - 000161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 16:38 - 2017-09-05 09:19 - 000636816 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-13 16:38 - 2017-09-05 09:18 - 001777792 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-09-13 16:38 - 2017-09-05 09:18 - 001597520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-09-13 16:38 - 2017-09-05 08:45 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-13 16:38 - 2017-09-05 08:45 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-13 16:38 - 2017-09-05 08:27 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-09-13 16:38 - 2017-09-05 08:25 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-09-13 16:38 - 2017-09-05 08:24 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-13 16:38 - 2017-09-05 08:23 - 000297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-09-13 16:38 - 2017-09-05 08:22 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-13 16:38 - 2017-09-05 08:22 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-09-13 16:38 - 2017-09-05 08:20 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2017-09-13 16:38 - 2017-09-05 08:15 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-13 16:38 - 2017-09-05 08:13 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 16:38 - 2017-09-05 08:13 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 16:38 - 2017-09-05 08:12 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 16:38 - 2017-09-05 08:10 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-09-13 16:38 - 2017-09-05 08:10 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-09-13 16:38 - 2017-09-05 08:09 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-13 16:38 - 2017-09-05 08:08 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-09-13 16:38 - 2017-09-05 08:08 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-09-13 16:38 - 2017-09-05 08:06 - 000320000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-09-13 16:38 - 2017-09-05 08:05 - 000385024 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 16:38 - 2017-09-05 08:04 - 000715264 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-13 16:38 - 2017-09-05 07:57 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 002125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 000967168 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 16:38 - 2017-09-05 07:49 - 001418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-09-13 16:38 - 2017-09-05 07:49 - 000785920 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 16:38 - 2017-09-05 07:49 - 000515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-09-13 16:38 - 2017-09-05 07:48 - 002129920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 16:38 - 2017-09-05 07:46 - 001385472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-13 16:38 - 2017-09-05 07:44 - 000853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-13 16:38 - 2017-09-05 07:40 - 001292800 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-13 16:38 - 2017-09-05 07:38 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-09-13 16:38 - 2017-09-05 07:37 - 004456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-13 16:38 - 2017-09-05 07:37 - 001742848 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-13 16:38 - 2017-09-05 07:35 - 002054144 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-13 16:38 - 2017-09-05 07:20 - 003588608 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-13 16:38 - 2017-09-05 07:20 - 002610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-13 16:38 - 2017-09-05 07:15 - 001676800 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-13 16:38 - 2017-09-05 07:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 16:38 - 2017-09-05 07:13 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-09-13 16:38 - 2017-09-05 07:11 - 003046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2017-09-13 16:38 - 2017-09-05 07:11 - 001729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 16:38 - 2017-09-05 07:10 - 001946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-09-13 16:38 - 2017-09-05 07:10 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-09-13 16:38 - 2017-09-05 07:06 - 000268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 16:38 - 2017-09-05 07:05 - 004827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 16:38 - 2017-09-05 07:05 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-13 16:38 - 2017-09-05 07:04 - 003355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-09-13 16:38 - 2017-09-05 07:03 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-13 16:38 - 2017-09-05 07:01 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-13 16:38 - 2017-09-05 06:58 - 002635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-09-13 16:38 - 2017-09-05 06:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 16:38 - 2017-09-05 06:56 - 005503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-09-13 16:38 - 2017-09-05 06:54 - 003585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-09-13 16:38 - 2017-09-05 06:47 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-13 16:38 - 2017-09-05 06:46 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 16:38 - 2017-09-05 06:45 - 002051584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 16:38 - 2017-09-05 06:45 - 001383424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 16:38 - 2017-09-05 06:34 - 004890624 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 16:38 - 2017-09-05 06:31 - 022377472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-13 16:38 - 2017-09-05 06:28 - 013410816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 16:38 - 2017-09-05 06:24 - 006978048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-13 16:38 - 2017-09-05 06:23 - 024606720 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 16:38 - 2017-09-05 06:23 - 006312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-09-13 16:38 - 2017-09-05 06:21 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-13 16:38 - 2017-09-05 06:06 - 007841792 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-13 16:38 - 2017-09-05 05:57 - 003662848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 16:38 - 2017-09-05 05:48 - 012155904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 16:38 - 2017-09-05 05:37 - 005661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-13 16:37 - 2017-09-05 09:41 - 000202592 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-09-13 16:37 - 2017-09-05 09:19 - 000292192 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-13 16:37 - 2017-09-05 09:18 - 000642520 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-13 16:37 - 2017-09-05 09:18 - 000380152 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-13 16:37 - 2017-09-05 09:18 - 000147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-13 16:37 - 2017-09-05 08:34 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-13 16:37 - 2017-09-05 08:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-09-13 16:37 - 2017-09-05 08:25 - 000485376 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-13 16:37 - 2017-09-05 08:18 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-09-13 16:37 - 2017-09-05 08:12 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-13 16:37 - 2017-09-05 08:11 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-09-13 16:37 - 2017-09-05 08:02 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-13 16:37 - 2017-09-05 07:59 - 000452608 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-13 16:37 - 2017-09-05 07:59 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-09-13 16:37 - 2017-09-05 07:52 - 000985088 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-13 16:37 - 2017-09-05 07:43 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-13 16:37 - 2017-09-05 07:37 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-09-13 16:37 - 2017-09-05 07:21 - 000584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-13 16:37 - 2017-09-05 07:03 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 16:37 - 2017-09-05 06:16 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-13 16:37 - 2017-09-05 06:02 - 001087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-09-12 15:30 - 2017-09-13 21:25 - 000000000 ____D C:\Users\Líba\Desktop\dnes
2017-09-11 16:51 - 2017-09-11 16:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-09-11 16:50 - 2017-09-14 19:52 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-09-11 16:50 - 2017-09-14 19:52 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-09-11 16:50 - 2017-09-11 16:50 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2017-09-11 14:48 - 2017-09-11 14:49 - 007897776 _____ (Tim Kosse) C:\Users\Líba\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-09-11 09:18 - 2017-09-11 09:19 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-09-08 08:59 - 2017-09-08 08:59 - 000001150 _____ C:\Users\Public\Desktop\MP3 Joiner Pro.lnk
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\Users\Líba\AppData\Roaming\MP3 Joiner Pro
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Joiner Pro
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\Program Files (x86)\MP3 Joiner Pro

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 13:33 - 2017-08-28 09:55 - 000004206 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{76C58836-5AF9-4569-9BAD-BAAD998F849D}
2017-10-06 13:31 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-10-06 12:08 - 2017-08-28 18:26 - 000000000 ____D C:\Users\Líba\AppData\Local\ACD Systems
2017-10-06 11:17 - 2017-08-28 14:42 - 000000000 ____D C:\Program Files\rempl
2017-10-06 10:52 - 2017-08-28 15:34 - 000000000 ___RD C:\Users\Líba\Desktop\AJP TECH
2017-10-06 10:43 - 2017-08-28 15:26 - 000000000 ____D C:\Users\Líba\Desktop\MS
2017-10-06 08:19 - 2017-08-25 22:03 - 001771468 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-06 08:19 - 2017-08-25 15:13 - 000751256 _____ C:\Windows\system32\perfh005.dat
2017-10-06 08:19 - 2017-08-25 15:13 - 000150864 _____ C:\Windows\system32\perfc005.dat
2017-10-06 08:19 - 2015-10-30 09:21 - 000000000 ____D C:\Windows\INF
2017-10-05 21:53 - 2017-08-28 13:54 - 000002262 ____H C:\Users\Líba\Documents\Default.rdp
2017-10-05 15:44 - 2017-08-28 10:35 - 000000000 ____D C:\Users\Líba\AppData\Local\GHISLER
2017-10-05 15:19 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\AppReadiness
2017-10-04 07:37 - 2015-10-30 09:24 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-03 19:22 - 2017-08-25 14:16 - 000000000 ____D C:\Users\Líba\AppData\Local\Packages
2017-10-03 16:41 - 2017-08-25 21:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-03 16:41 - 2015-10-30 08:28 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-10-03 16:33 - 2017-08-28 13:44 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Seznam.cz
2017-10-03 07:23 - 2015-10-30 08:28 - 000000000 ____D C:\Program Files\VB Checkbow Tabs
2017-10-03 07:14 - 2015-10-30 09:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-10-03 07:09 - 2017-08-28 16:09 - 000000000 ____D C:\Program Files\ESET
2017-10-02 23:05 - 2017-08-28 14:08 - 000000000 ____D C:\Users\Líba\AppData\Local\CrashDumps
2017-10-02 16:31 - 2017-08-25 14:15 - 000000000 ____D C:\Users\Líba
2017-10-02 15:52 - 2017-08-28 13:15 - 000000000 ____D C:\Users\Líba\Documents\Líba
2017-10-01 21:37 - 2017-08-28 09:08 - 000000000 ____D C:\Users\Líba\AppData\Local\Google
2017-10-01 18:22 - 2017-08-28 16:28 - 000000000 ____D C:\Users\Líba\AppData\Local\ESET
2017-10-01 18:21 - 2017-08-28 09:09 - 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 18:19 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\GroupPolicy
2017-09-25 20:34 - 2017-08-25 21:47 - 000345880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-25 19:53 - 2017-08-28 15:43 - 000000000 ____D C:\Users\Líba\AppData\Roaming\uTorrent
2017-09-25 19:26 - 2017-08-28 16:28 - 000000000 ____D C:\Users\Líba\AppData\Roaming\ESET
2017-09-25 17:39 - 2017-08-30 15:17 - 000000000 ____D C:\Users\Líba\Documents\HiSuite
2017-09-25 05:49 - 2015-10-30 09:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-25 05:45 - 2017-08-28 17:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-20 16:50 - 2017-08-25 22:46 - 000000000 ____D C:\Windows\Panther
2017-09-19 18:16 - 2017-08-28 21:09 - 000000000 ____D C:\ProgramData\KMSAutoS
2017-09-18 15:41 - 2017-08-28 14:04 - 000000000 ____D C:\Users\Líba\AppData\Roaming\FileZilla
2017-09-18 10:54 - 2017-08-28 21:59 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-17 18:21 - 2017-08-28 20:59 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-09-17 17:47 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\rescache
2017-09-15 07:37 - 2017-08-25 14:21 - 000003372 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-306088123-3753404819-704058302-1001
2017-09-15 07:37 - 2017-08-25 14:19 - 000002384 _____ C:\Users\Líba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 07:37 - 2017-08-25 14:19 - 000000000 ___RD C:\Users\Líba\OneDrive
2017-09-14 19:54 - 2017-08-28 22:07 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-14 19:34 - 2015-10-30 09:11 - 000000000 ____D C:\Windows\CbsTemp
2017-09-14 18:55 - 2017-08-25 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___SD C:\Windows\system32\F12
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___RD C:\Windows\DevicesFlow
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\oobe
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files\Windows Defender
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-13 16:55 - 2017-08-28 14:36 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 16:51 - 2017-08-28 14:36 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-12 15:34 - 2017-08-25 14:16 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Adobe
2017-09-11 22:35 - 2017-08-28 21:57 - 000000000 ____D C:\Users\Líba\AppData\Local\Adobe
2017-09-11 16:51 - 2017-08-28 21:58 - 000000000 ____D C:\ProgramData\Adobe
2017-09-11 16:22 - 2017-08-28 16:02 - 000000000 ____D C:\Users\Líba\Desktop\sukně a střihy
2017-09-11 09:20 - 2017-08-28 10:35 - 000000000 ____D C:\Program Files (x86)\totalcmd

==================== Files in the root of some directories =======

2017-08-29 12:43 - 2017-08-29 12:43 - 002106893 _____ () C:\Users\Líba\AppData\Roaming\langInstall.exe
2017-10-01 18:13 - 2017-10-01 18:13 - 000011568 _____ () C:\Users\Líba\AppData\Local\InstallationConfiguration.xml
2017-10-01 18:13 - 2017-10-01 18:13 - 000140800 _____ () C:\Users\Líba\AppData\Local\installer.dat

Some files in TEMP:
====================
2017-09-18 10:55 - 2017-09-18 10:55 - 000024576 _____ () C:\Users\Líba\AppData\Local\Temp\instac.exe
2017-10-01 18:24 - 2017-10-01 18:24 - 000374181 _____ (WeMonetize ) C:\Users\Líba\AppData\Local\Temp\QYUN6IT.exe
2017-10-01 16:33 - 2017-10-01 16:33 - 013489912 _____ (Reimage) C:\Users\Líba\AppData\Local\Temp\ReimagePackage.exe
2017-09-18 10:55 - 2017-09-18 10:55 - 000617984 _____ () C:\Users\Líba\AppData\Local\Temp\SetupInstaller.exe
2016-08-16 09:48 - 2016-08-16 09:48 - 000488960 _____ () C:\Users\Líba\AppData\Local\Temp\sqlite3.exe
2017-09-18 10:04 - 2017-09-18 10:04 - 000089576 _____ () C:\Users\Líba\AppData\Local\Temp\vsdel.exe
2017-09-18 10:55 - 2017-09-18 10:55 - 004101056 _____ () C:\Users\Líba\AppData\Local\Temp\XvidCodecInstall.exe
2017-09-25 19:46 - 2017-10-03 16:33 - 000534528 _____ () C:\Users\Líba\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\026D606F.sys
C:\Windows\System32\Drivers\1ADF64B3.sys
C:\Windows\System32\Drivers\305551FB.sys
C:\Windows\System32\Drivers\35CE5447.sys
C:\Windows\System32\Drivers\3E3855B8.sys
C:\Windows\System32\Drivers\4F266BB8.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\026D606F.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\1ADF64B3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\305551FB.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\35CE5447.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\3E3855B8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\4F266BB8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\VB Checkbow Tabs.job => rundll32.exe C:\Program Files\VB Checkbow Tabs\VB Checkbow Tabs.dll

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\L¡ba\Desktop" je 5700 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 06 říj 2017 12:39 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2017 01
Ran by Líba (administrator) on DESKTOP-B7MNK66 (06-10-2017 13:35:38)
Running from C:\Users\Líba\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Pro Version 1511 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TODO: <Company name>) C:\Disk\WebService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(TODO: <Company name>) C:\Disk\WEBSER~1.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mstsc.exe
() C:\Windows\KMS-R@1nHook.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(forum.viry.cz) C:\Users\Líba\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM\...\Run: [egui] => cmd /c /q ""C:\Program Files\ESET\ESET Security\ecmd.exe"" "/launch /hide"
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] ()
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [bbqskugrdz1] => "C:\Users\Líba\AppData\Roaming\m2b4lp5a3py\qyzcha4eu34.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [7X1LS8QYZ6UJNIW] => "C:\Program Files\7U7TRGECCX\7U7TRGECC.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [iud3n1tqz45] => "C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn\1rwfu4rgpr5.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [st5s03echcg] => "C:\Users\Líba\AppData\Roaming\o2vmp42dmwv\fukpsqgxefj.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [sl1lavbyefn] => "C:\Users\Líba\AppData\Roaming\bvskreypyxn\lhuos2op3qi.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [YQYGSRJL7OKDL0V] => "C:\Program Files\GC7L3SEWVN\R1KAI1FMB.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [TWU27P2S5ABJBL0] => "C:\Program Files\KGGZZPL3AX\KGGZZPL3A.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {06b6e035-a4ed-11e7-b2c0-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {2bb42d05-8cad-11e7-b2ba-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {b604e5c2-8997-11e7-b2b5-90004ef5ab17} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\MountPoints2: {e4d9eec3-8c27-11e7-b2ba-90004ef5ab17} - "D:\Autoplay.exe" -auto
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\ProgramData\DreamScreen\DreamScreen.scr
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Users\Líba\AppData\Roaming\tmp546.dat -> No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-306088123-3753404819-704058302-1001] => hxxp://webunstop.net/wpad.dat?fdf7fb351 ... a335892267
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{56c58440-6198-4fd4-bf2d-81b888fdebfc}: [DhcpNameServer] 213.46.172.37 213.46.172.36
ManualProxies: 0hxxp://webunstop.net/wpad.dat?fdf7fb351d63b6824083aa1bc493efa335892267

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-306088123-3753404819-704058302-1001 -> {DE012DD2-5B5D-4011-A2C3-BF79BC0BA7AE} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-25] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-25] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-25] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-26] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-25] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-09-14]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-08-24] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html", Not-active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://search.randomwalktab.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Random Walk Shapes
CHR DefaultSuggestURL: Default -> hxxps://randomwalktab.com/suggestions.php?q={searchTerms}
CHR Profile: C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default [2017-10-06]
CHR Extension: (Prezentace Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-28]
CHR Extension: (Dokumenty Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-28]
CHR Extension: (Disk Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-28]
CHR Extension: (YouTube) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-28]
CHR Extension: (Adblock Plus) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-11]
CHR Extension: (Tabulky Google) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-28]
CHR Extension: (Speed Dial 2 - New tab) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2017-08-28]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2017-10-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-28]
CHR Extension: (Gmail) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\Líba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjcngoneogjbkdakodemfopgkkncoll] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1933872 2017-09-22] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-08-25] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [121856 2012-10-21] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-09-05] (Microsoft Corporation)
S2 AdsService; C:\Users\Líba\AppData\Local\AdService\AdService.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [133360 2017-07-25] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15392 2017-07-25] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [180096 2017-09-19] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [106312 2017-09-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-10-01] ()
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2017-07-26] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R1 wfcre; C:\Windows\System32\drivers\wfcre.sys [124288 2017-07-04] ()
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 13:33 - 2017-10-06 13:36 - 000023739 _____ C:\Users\Líba\Desktop\FRST.txt
2017-10-06 13:31 - 2017-10-06 13:33 - 000000000 ____D C:\FRST
2017-10-06 13:30 - 2017-10-06 13:30 - 000112640 _____ (forum.viry.cz) C:\Users\Líba\Desktop\FRSTLauncher.exe
2017-10-06 13:30 - 2017-10-06 13:29 - 002399744 _____ (Farbar) C:\Users\Líba\Desktop\FRST64.exe
2017-10-06 09:28 - 2017-10-06 13:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-10-05 22:50 - 2017-10-05 22:47 - 008250832 _____ (Malwarebytes) C:\Users\Líba\Desktop\adwcleaner_7.0.3.1.exe
2017-10-04 12:25 - 2017-10-04 12:25 - 000037682 _____ C:\Users\Líba\Downloads\MS_Humanic_Brnenska_Hradec Kralove_260917_dotazník6.pdf
2017-10-03 18:27 - 2017-10-03 18:27 - 000679857 _____ C:\Users\Líba\Downloads\891-objednavkovy-formular-a4-2016-04-interaktivni1.pdf
2017-10-03 18:21 - 2017-10-03 18:26 - 000679857 _____ C:\Users\Líba\Downloads\891-objednavkovy-formular-a4-2016-04-interaktivni.pdf
2017-10-03 16:41 - 2017-10-03 16:41 - 000001550 _____ C:\Windows\Tasks\VB Checkbow Tabs.job
2017-10-03 16:33 - 2017-10-03 16:34 - 000000085 _____ C:\Windows\wininit.ini
2017-10-03 15:52 - 2017-10-03 15:52 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2017-10-03 15:51 - 2017-10-03 16:34 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-03 15:51 - 2017-10-03 15:51 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-10-03 15:50 - 2017-10-03 16:41 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-10-03 07:09 - 2017-10-03 07:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-10-03 07:09 - 2017-10-03 07:09 - 000000000 ____D C:\ProgramData\ESET
2017-10-02 23:12 - 2017-10-02 23:12 - 000000000 _____ C:\Windows\system32\Drivers\4F266BB8.sys
2017-10-02 23:03 - 2017-10-02 23:03 - 000000000 _____ C:\Windows\system32\Drivers\1ADF64B3.sys
2017-10-02 20:10 - 2017-10-02 20:10 - 000000000 _____ C:\Windows\system32\Drivers\026D606F.sys
2017-10-02 19:56 - 2017-10-02 19:56 - 000000000 _____ C:\Windows\system32\Drivers\3E3855B8.sys
2017-10-02 19:54 - 2017-10-02 19:54 - 000000000 _____ C:\Windows\system32\Drivers\35CE5447.sys
2017-10-02 19:51 - 2017-10-02 19:51 - 000000000 _____ C:\Windows\system32\Drivers\305551FB.sys
2017-10-01 21:27 - 2017-10-01 21:38 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-01 18:59 - 2017-10-03 06:40 - 000000000 ____D C:\Program Files\Plumbytes Software
2017-10-01 18:59 - 2017-10-01 19:43 - 000000000 ____D C:\Users\Líba\AppData\Local\{12A8CCFE-3C33-4995-BAD8-074E4C5B22FD}
2017-10-01 18:48 - 2017-10-01 18:48 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamCompress
2017-10-01 18:28 - 2017-10-01 18:28 - 000000270 __RSH C:\Users\Líba\ntuser.pol
2017-10-01 18:25 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\KGGZZPL3AX
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\GC7L3SEWVN
2017-10-01 18:25 - 2017-10-02 20:36 - 000000000 ____D C:\ProgramData\DreamScreen
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\bvskreypyxn
2017-10-01 18:25 - 2017-10-01 18:56 - 000000000 ____D C:\Users\Líba\AppData\Roaming\System Healer
2017-10-01 18:25 - 2017-10-01 18:25 - 000003434 _____ C:\Windows\System32\Tasks\SystemHealer Monitor
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamScreen
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\ProgramData\CupCheck
2017-10-01 18:24 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-10-01 18:24 - 2017-10-03 07:21 - 000000000 ____D C:\Program Files\7U7TRGECCX
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
2017-10-01 18:23 - 2017-10-01 18:23 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Macromedia
2017-10-01 18:22 - 2017-10-03 07:23 - 000016834 _____ C:\Windows\System32\Tasks\VB Checkbow Tabs
2017-10-01 18:22 - 2017-10-03 06:37 - 000000000 ____D C:\Disk
2017-10-01 18:22 - 2017-10-01 18:22 - 000003324 _____ C:\Windows\System32\Tasks\LaCieS
2017-10-01 18:22 - 2017-10-01 18:22 - 000000000 ____D C:\Windat
2017-10-01 18:20 - 2017-10-01 18:20 - 000002360 __RSH C:\ProgramData\ntuser.pol
2017-10-01 18:20 - 2017-10-01 18:20 - 000000000 ____D C:\ProgramData\33e6433c-4925-0
2017-10-01 18:20 - 2017-10-01 18:20 - 000000000 ____D C:\ProgramData\33e6433c-2cf1-1
2017-10-01 18:15 - 2017-10-01 18:15 - 000000000 ____D C:\ProgramData\Microleaves
2017-10-01 18:14 - 2017-10-02 15:39 - 000000000 ____D C:\Applications
2017-10-01 18:14 - 2017-10-01 18:14 - 000003346 _____ C:\Windows\System32\Tasks\ShadowsocksS
2017-10-01 18:14 - 2017-10-01 18:14 - 000000000 ____D C:\WinSys
2017-10-01 18:13 - 2017-10-03 16:05 - 000000000 ____D C:\Users\Líba\AppData\Local\AdService
2017-10-01 18:13 - 2017-10-01 18:13 - 000140800 _____ C:\Users\Líba\AppData\Local\installer.dat
2017-10-01 18:13 - 2017-10-01 18:13 - 000011568 _____ C:\Users\Líba\AppData\Local\InstallationConfiguration.xml
2017-10-01 18:13 - 2017-10-01 18:13 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G3.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G2.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G1.job
2017-10-01 18:12 - 2017-10-06 10:21 - 000000414 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-10-01 18:12 - 2017-10-01 18:18 - 000003308 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G3
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G2
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G1
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microleaves
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Local\AdvinstAnalytics
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Program Files (x86)\Microleaves
2017-10-01 16:33 - 2017-10-01 18:47 - 000000150 _____ C:\Windows\Reimage.ini
2017-09-30 12:39 - 2017-09-30 12:39 - 000000000 ____D C:\Windows\UpdateAssistant
2017-09-29 10:59 - 2017-09-29 11:00 - 000141941 _____ C:\Users\Líba\Downloads\nabídka1.pdf
2017-09-29 10:25 - 2017-09-29 09:18 - 000019266 _____ C:\Users\Líba\Downloads\Seznam vrácených e-mailů msv 2017.xlsx
2017-09-26 18:50 - 2017-09-26 18:50 - 000618214 _____ C:\Users\Líba\Downloads\humanic_dotazník.pdf
2017-09-25 13:37 - 2017-09-25 13:37 - 000000000 ____D C:\Users\Líba\AppData\Local\Microsoft Help
2017-09-19 19:25 - 2017-09-19 19:25 - 001852615 _____ C:\Users\Líba\Desktop\Samolepky-pro-kořenky_Bez-vepsaných-názvů-kořenek-a-zavařenin.pdf
2017-09-19 19:25 - 2017-09-19 19:25 - 001658615 _____ C:\Users\Líba\Desktop\Samolepky-pro-kořenky_S-oranžovým-hrncem-na-bílém-pozadí-bez-názvů-kořenek-a-zavařenin.pdf
2017-09-19 19:24 - 2017-09-19 19:24 - 016293585 _____ C:\Users\Líba\Desktop\samolepky na koření.pdf
2017-09-19 19:24 - 2017-09-19 19:24 - 001539223 _____ C:\Users\Líba\Desktop\samolepky na koření 1.pdf
2017-09-19 10:05 - 2017-09-19 10:05 - 000180096 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2017-09-19 10:05 - 2017-09-19 10:05 - 000106312 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2017-09-18 14:48 - 2017-09-18 15:41 - 000098304 _____ C:\Users\Líba\Desktop\LV-Neobdělávané firmy od 01 16 (2).xls
2017-09-18 14:48 - 2017-09-18 14:48 - 000000000 ____D C:\Users\Líba\Documents\Vlastní šablony Office
2017-09-18 11:12 - 2017-09-18 11:18 - 000000000 ____D C:\Program Files\VueScan
2017-09-18 11:12 - 2017-09-18 11:12 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2017-09-18 11:12 - 2017-09-18 11:12 - 000001038 _____ C:\Users\Public\Desktop\VueScan x64.lnk
2017-09-18 10:49 - 2017-09-18 10:50 - 000000000 ____D C:\Users\Líba\AppData\Roaming\NAPS2
2017-09-18 10:02 - 2017-09-18 11:12 - 000000000 ____D C:\Windows\twain_64
2017-09-18 09:55 - 2017-09-18 09:55 - 000000000 ___RD C:\Users\Líba\Documents\Scanned Documents
2017-09-18 09:55 - 2017-09-18 09:55 - 000000000 ____D C:\Users\Líba\Documents\Fax
2017-09-18 07:26 - 2017-09-18 07:26 - 000174080 _____ C:\Users\Líba\Downloads\LV-Neobdělávané firmy od 01 16 (2).xls
2017-09-17 18:21 - 2017-09-17 18:21 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2017-09-17 18:21 - 2017-09-17 18:21 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2017-09-17 18:21 - 2017-09-17 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2017-09-13 16:41 - 2017-09-05 07:00 - 000190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-09-13 16:41 - 2017-09-05 06:57 - 000541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-09-13 16:41 - 2017-09-05 06:48 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-13 16:41 - 2017-09-05 06:37 - 000667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 16:41 - 2017-09-05 06:20 - 001123328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-13 16:41 - 2017-09-05 06:19 - 000314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2017-09-13 16:41 - 2017-09-05 06:18 - 002102272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2017-09-13 16:41 - 2017-09-05 06:06 - 004759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-13 16:41 - 2017-06-17 07:56 - 001984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-09-13 16:41 - 2017-06-03 11:44 - 000760320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-09-13 16:41 - 2016-09-07 06:31 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-09-13 16:41 - 2016-09-07 06:28 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-09-13 16:40 - 2017-09-05 11:07 - 000994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-09-13 16:40 - 2017-09-05 09:56 - 001552104 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-09-13 16:40 - 2017-09-05 09:51 - 000808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-13 16:40 - 2017-09-05 09:45 - 006536248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2017-09-13 16:40 - 2017-09-05 09:20 - 000845568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2017-09-13 16:40 - 2017-09-05 09:19 - 001862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-13 16:40 - 2017-09-05 09:19 - 001542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 16:40 - 2017-09-05 09:11 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-09-13 16:40 - 2017-09-05 09:11 - 000035624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-13 16:40 - 2017-09-05 08:47 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\genericusbfn.sys
2017-09-13 16:40 - 2017-09-05 08:38 - 001349640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2017-09-13 16:40 - 2017-09-05 08:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2017-09-13 16:40 - 2017-09-05 08:32 - 002946672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 16:40 - 2017-09-05 08:32 - 000703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-13 16:40 - 2017-09-05 08:29 - 021123832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 16:40 - 2017-09-05 08:29 - 005240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-13 16:40 - 2017-09-05 08:29 - 000465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2017-09-13 16:40 - 2017-09-05 08:26 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2017-09-13 16:40 - 2017-09-05 08:23 - 000174944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-09-13 16:40 - 2017-09-05 08:14 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2017-09-13 16:40 - 2017-09-05 08:06 - 000546968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-13 16:40 - 2017-09-05 08:06 - 000262496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-13 16:40 - 2017-09-05 08:05 - 000540280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 001523184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 001368176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 000335248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-13 16:40 - 2017-09-05 08:04 - 000141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-13 16:40 - 2017-09-05 08:01 - 000727552 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-13 16:40 - 2017-09-05 07:54 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 16:40 - 2017-09-05 07:48 - 000320000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-13 16:40 - 2017-09-05 07:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-13 16:40 - 2017-09-05 07:37 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-13 16:40 - 2017-09-05 07:30 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-13 16:40 - 2017-09-05 07:19 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-13 16:40 - 2017-09-05 07:15 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-09-13 16:40 - 2017-09-05 07:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-13 16:40 - 2017-09-05 07:13 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-09-13 16:40 - 2017-09-05 07:12 - 000256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2017-09-13 16:40 - 2017-09-05 07:11 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-13 16:40 - 2017-09-05 07:11 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll
2017-09-13 16:40 - 2017-09-05 07:10 - 002279936 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-13 16:40 - 2017-09-05 07:09 - 000310784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 16:40 - 2017-09-05 07:08 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-09-13 16:40 - 2017-09-05 07:06 - 000092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2017-09-13 16:40 - 2017-09-05 07:03 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-13 16:40 - 2017-09-05 07:02 - 000461312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-09-13 16:40 - 2017-09-05 07:02 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-09-13 16:40 - 2017-09-05 07:01 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 16:40 - 2017-09-05 07:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2017-09-13 16:40 - 2017-09-05 06:55 - 000576000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-13 16:40 - 2017-09-05 06:53 - 000395776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-13 16:40 - 2017-09-05 06:53 - 000238592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2017-09-13 16:40 - 2017-09-05 06:52 - 000705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-13 16:40 - 2017-09-05 06:52 - 000250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-09-13 16:40 - 2017-09-05 06:51 - 000401920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-13 16:40 - 2017-09-05 06:48 - 000153088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2017-09-13 16:40 - 2017-09-05 06:47 - 000788992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-13 16:40 - 2017-09-05 06:46 - 000400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2017-09-13 16:40 - 2017-09-05 06:45 - 001151488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-09-13 16:40 - 2017-09-05 06:45 - 000241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-13 16:40 - 2017-09-05 06:41 - 001467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-13 16:40 - 2017-09-05 06:40 - 000805888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2017-09-13 16:40 - 2017-09-05 06:38 - 003695104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 16:40 - 2017-09-05 06:37 - 000764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2017-09-13 16:40 - 2017-09-05 06:36 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licensingdiag.exe
2017-09-13 16:40 - 2017-09-05 06:23 - 004078080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-13 16:40 - 2017-09-05 06:20 - 002911744 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-09-13 16:40 - 2017-09-05 06:19 - 007536128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-13 16:40 - 2017-09-05 06:16 - 001626112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2017-09-13 16:40 - 2017-09-05 06:16 - 001501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 16:40 - 2017-09-05 06:15 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-13 16:40 - 2017-09-05 06:13 - 002881536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 004412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 003053568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-09-13 16:40 - 2017-09-05 06:12 - 002680320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-09-13 16:40 - 2017-09-05 06:11 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-13 16:40 - 2017-09-05 06:11 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 16:40 - 2017-09-05 06:10 - 006296064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2017-09-13 16:40 - 2017-09-05 06:10 - 001799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2017-09-13 16:40 - 2017-09-05 06:07 - 003574272 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-13 16:40 - 2017-09-05 06:04 - 005205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-09-13 16:40 - 2017-09-05 05:55 - 002770432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-09-13 16:40 - 2017-09-05 05:51 - 004404736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-09-13 16:40 - 2017-09-05 05:48 - 005327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 16:40 - 2017-09-05 05:48 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-13 16:40 - 2017-09-05 05:44 - 006742528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-13 16:40 - 2017-09-05 05:44 - 002604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-09-13 16:40 - 2017-09-05 05:39 - 002632192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-09-13 16:40 - 2017-09-05 05:18 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-13 16:39 - 2017-09-05 11:32 - 001997840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 16:39 - 2017-09-05 11:32 - 001098648 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-13 16:39 - 2017-09-05 11:11 - 000042928 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-13 16:39 - 2017-09-05 10:40 - 003449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2017-09-13 16:39 - 2017-09-05 09:57 - 000245848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-13 16:39 - 2017-09-05 09:47 - 022560232 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 16:39 - 2017-09-05 09:47 - 006605000 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-13 16:39 - 2017-09-05 09:19 - 001558288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-13 16:39 - 2017-09-05 09:05 - 000388896 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-13 16:39 - 2017-09-05 08:59 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-13 16:39 - 2017-09-05 08:46 - 000824320 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-13 16:39 - 2017-09-05 08:34 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 16:39 - 2017-09-05 08:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 16:39 - 2017-09-05 08:28 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 16:39 - 2017-09-05 08:27 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-13 16:39 - 2017-09-05 08:24 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 16:39 - 2017-09-05 08:22 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\bdechangepin.exe
2017-09-13 16:39 - 2017-09-05 08:19 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 16:39 - 2017-09-05 08:19 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 16:39 - 2017-09-05 08:17 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 16:39 - 2017-09-05 08:17 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-13 16:39 - 2017-09-05 08:11 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2017-09-13 16:39 - 2017-09-05 08:10 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-13 16:39 - 2017-09-05 08:04 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-09-13 16:39 - 2017-09-05 07:57 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-13 16:39 - 2017-09-05 07:57 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-09-13 16:39 - 2017-09-05 07:56 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-13 16:39 - 2017-09-05 07:52 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-13 16:39 - 2017-09-05 07:52 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2017-09-13 16:39 - 2017-09-05 07:44 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 16:39 - 2017-09-05 07:42 - 001752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 16:39 - 2017-09-05 07:41 - 000961536 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-09-13 16:39 - 2017-09-05 07:31 - 000572928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-13 16:39 - 2017-09-05 07:30 - 000888832 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-13 16:39 - 2017-09-05 07:28 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-09-13 16:39 - 2017-09-05 07:18 - 005123072 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-13 16:39 - 2017-09-05 07:17 - 001122816 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 16:39 - 2017-09-05 07:05 - 003405312 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 16:39 - 2017-09-05 07:04 - 000083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 16:39 - 2017-09-05 07:03 - 007977984 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2017-09-13 16:39 - 2017-09-05 06:44 - 007200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-09-13 16:39 - 2017-09-05 06:42 - 000957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-09-13 16:39 - 2017-09-05 06:40 - 001526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-13 16:39 - 2017-09-05 05:48 - 019346432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 16:39 - 2017-09-05 05:48 - 018675200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-13 16:39 - 2016-10-25 07:42 - 002876928 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2017-09-13 16:38 - 2017-09-05 11:34 - 001030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-13 16:38 - 2017-09-05 11:31 - 007463776 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 16:38 - 2017-09-05 11:31 - 002656960 _____ C:\Windows\system32\CoreUIComponents.dll
2017-09-13 16:38 - 2017-09-05 11:29 - 001819208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 16:38 - 2017-09-05 11:27 - 000754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-13 16:38 - 2017-09-05 11:14 - 001637216 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-13 16:38 - 2017-09-05 09:51 - 003700816 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 16:38 - 2017-09-05 09:48 - 000566112 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-09-13 16:38 - 2017-09-05 09:46 - 001540216 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-13 16:38 - 2017-09-05 09:46 - 000692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2017-09-13 16:38 - 2017-09-05 09:45 - 001128104 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-09-13 16:38 - 2017-09-05 09:44 - 000625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-13 16:38 - 2017-09-05 09:44 - 000609056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-09-13 16:38 - 2017-09-05 09:44 - 000161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 16:38 - 2017-09-05 09:19 - 000636816 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-13 16:38 - 2017-09-05 09:18 - 001777792 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-09-13 16:38 - 2017-09-05 09:18 - 001597520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-09-13 16:38 - 2017-09-05 08:45 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-13 16:38 - 2017-09-05 08:45 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-13 16:38 - 2017-09-05 08:27 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-09-13 16:38 - 2017-09-05 08:25 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-09-13 16:38 - 2017-09-05 08:24 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-13 16:38 - 2017-09-05 08:23 - 000297472 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2017-09-13 16:38 - 2017-09-05 08:22 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-13 16:38 - 2017-09-05 08:22 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll
2017-09-13 16:38 - 2017-09-05 08:20 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2017-09-13 16:38 - 2017-09-05 08:15 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2017-09-13 16:38 - 2017-09-05 08:15 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-13 16:38 - 2017-09-05 08:13 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 16:38 - 2017-09-05 08:13 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 16:38 - 2017-09-05 08:12 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 16:38 - 2017-09-05 08:10 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-09-13 16:38 - 2017-09-05 08:10 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-09-13 16:38 - 2017-09-05 08:09 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-13 16:38 - 2017-09-05 08:08 - 000764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-09-13 16:38 - 2017-09-05 08:08 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-09-13 16:38 - 2017-09-05 08:06 - 000320000 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-09-13 16:38 - 2017-09-05 08:05 - 000385024 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 16:38 - 2017-09-05 08:04 - 000715264 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-13 16:38 - 2017-09-05 07:57 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 002125312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 000967168 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 16:38 - 2017-09-05 07:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 16:38 - 2017-09-05 07:49 - 001418240 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-09-13 16:38 - 2017-09-05 07:49 - 000785920 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 16:38 - 2017-09-05 07:49 - 000515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2017-09-13 16:38 - 2017-09-05 07:48 - 002129920 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 16:38 - 2017-09-05 07:46 - 001385472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-13 16:38 - 2017-09-05 07:44 - 000853504 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-13 16:38 - 2017-09-05 07:40 - 001292800 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-13 16:38 - 2017-09-05 07:38 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-09-13 16:38 - 2017-09-05 07:37 - 004456448 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-13 16:38 - 2017-09-05 07:37 - 001742848 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-13 16:38 - 2017-09-05 07:35 - 002054144 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-13 16:38 - 2017-09-05 07:20 - 003588608 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-13 16:38 - 2017-09-05 07:20 - 002610176 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-13 16:38 - 2017-09-05 07:15 - 001676800 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-13 16:38 - 2017-09-05 07:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 16:38 - 2017-09-05 07:13 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2017-09-13 16:38 - 2017-09-05 07:11 - 003046400 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2017-09-13 16:38 - 2017-09-05 07:11 - 001729024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 16:38 - 2017-09-05 07:10 - 001946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-09-13 16:38 - 2017-09-05 07:10 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-09-13 16:38 - 2017-09-05 07:06 - 000268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 16:38 - 2017-09-05 07:05 - 004827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 16:38 - 2017-09-05 07:05 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-13 16:38 - 2017-09-05 07:04 - 003355136 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-09-13 16:38 - 2017-09-05 07:03 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-13 16:38 - 2017-09-05 07:01 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-13 16:38 - 2017-09-05 06:58 - 002635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-09-13 16:38 - 2017-09-05 06:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 16:38 - 2017-09-05 06:56 - 005503488 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2017-09-13 16:38 - 2017-09-05 06:54 - 003585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-09-13 16:38 - 2017-09-05 06:47 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-13 16:38 - 2017-09-05 06:46 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 16:38 - 2017-09-05 06:45 - 002051584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 16:38 - 2017-09-05 06:45 - 001383424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 16:38 - 2017-09-05 06:34 - 004890624 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 16:38 - 2017-09-05 06:31 - 022377472 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-13 16:38 - 2017-09-05 06:28 - 013410816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 16:38 - 2017-09-05 06:24 - 006978048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-13 16:38 - 2017-09-05 06:23 - 024606720 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 16:38 - 2017-09-05 06:23 - 006312448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-09-13 16:38 - 2017-09-05 06:21 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-13 16:38 - 2017-09-05 06:06 - 007841792 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-13 16:38 - 2017-09-05 05:57 - 003662848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 16:38 - 2017-09-05 05:48 - 012155904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 16:38 - 2017-09-05 05:37 - 005661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-13 16:37 - 2017-09-05 09:41 - 000202592 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-09-13 16:37 - 2017-09-05 09:19 - 000292192 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-13 16:37 - 2017-09-05 09:18 - 000642520 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-13 16:37 - 2017-09-05 09:18 - 000380152 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-13 16:37 - 2017-09-05 09:18 - 000147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-13 16:37 - 2017-09-05 08:34 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-13 16:37 - 2017-09-05 08:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-09-13 16:37 - 2017-09-05 08:25 - 000485376 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-13 16:37 - 2017-09-05 08:18 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-09-13 16:37 - 2017-09-05 08:12 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-13 16:37 - 2017-09-05 08:11 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-09-13 16:37 - 2017-09-05 08:02 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-13 16:37 - 2017-09-05 07:59 - 000452608 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-13 16:37 - 2017-09-05 07:59 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2017-09-13 16:37 - 2017-09-05 07:52 - 000985088 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-13 16:37 - 2017-09-05 07:43 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-13 16:37 - 2017-09-05 07:37 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe
2017-09-13 16:37 - 2017-09-05 07:21 - 000584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-13 16:37 - 2017-09-05 07:03 - 000244736 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 16:37 - 2017-09-05 06:16 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-13 16:37 - 2017-09-05 06:02 - 001087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-09-12 15:30 - 2017-09-13 21:25 - 000000000 ____D C:\Users\Líba\Desktop\dnes
2017-09-11 16:51 - 2017-09-11 16:51 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-09-11 16:50 - 2017-09-14 19:52 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-09-11 16:50 - 2017-09-14 19:52 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-09-11 16:50 - 2017-09-11 16:50 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2017-09-11 14:48 - 2017-09-11 14:49 - 007897776 _____ (Tim Kosse) C:\Users\Líba\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-09-11 09:18 - 2017-09-11 09:19 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-09-08 08:59 - 2017-09-08 08:59 - 000001150 _____ C:\Users\Public\Desktop\MP3 Joiner Pro.lnk
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\Users\Líba\AppData\Roaming\MP3 Joiner Pro
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Joiner Pro
2017-09-08 08:59 - 2017-09-08 08:59 - 000000000 ____D C:\Program Files (x86)\MP3 Joiner Pro

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 13:33 - 2017-08-28 09:55 - 000004206 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{76C58836-5AF9-4569-9BAD-BAAD998F849D}
2017-10-06 13:31 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-10-06 12:08 - 2017-08-28 18:26 - 000000000 ____D C:\Users\Líba\AppData\Local\ACD Systems
2017-10-06 11:17 - 2017-08-28 14:42 - 000000000 ____D C:\Program Files\rempl
2017-10-06 10:52 - 2017-08-28 15:34 - 000000000 ___RD C:\Users\Líba\Desktop\AJP TECH
2017-10-06 10:43 - 2017-08-28 15:26 - 000000000 ____D C:\Users\Líba\Desktop\MS
2017-10-06 08:19 - 2017-08-25 22:03 - 001771468 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-06 08:19 - 2017-08-25 15:13 - 000751256 _____ C:\Windows\system32\perfh005.dat
2017-10-06 08:19 - 2017-08-25 15:13 - 000150864 _____ C:\Windows\system32\perfc005.dat
2017-10-06 08:19 - 2015-10-30 09:21 - 000000000 ____D C:\Windows\INF
2017-10-05 21:53 - 2017-08-28 13:54 - 000002262 ____H C:\Users\Líba\Documents\Default.rdp
2017-10-05 15:44 - 2017-08-28 10:35 - 000000000 ____D C:\Users\Líba\AppData\Local\GHISLER
2017-10-05 15:19 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\AppReadiness
2017-10-04 07:37 - 2015-10-30 09:24 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-03 19:22 - 2017-08-25 14:16 - 000000000 ____D C:\Users\Líba\AppData\Local\Packages
2017-10-03 16:41 - 2017-08-25 21:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-03 16:41 - 2015-10-30 08:28 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-10-03 16:33 - 2017-08-28 13:44 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Seznam.cz
2017-10-03 07:23 - 2015-10-30 08:28 - 000000000 ____D C:\Program Files\VB Checkbow Tabs
2017-10-03 07:14 - 2015-10-30 09:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-10-03 07:09 - 2017-08-28 16:09 - 000000000 ____D C:\Program Files\ESET
2017-10-02 23:05 - 2017-08-28 14:08 - 000000000 ____D C:\Users\Líba\AppData\Local\CrashDumps
2017-10-02 16:31 - 2017-08-25 14:15 - 000000000 ____D C:\Users\Líba
2017-10-02 15:52 - 2017-08-28 13:15 - 000000000 ____D C:\Users\Líba\Documents\Líba
2017-10-01 21:37 - 2017-08-28 09:08 - 000000000 ____D C:\Users\Líba\AppData\Local\Google
2017-10-01 18:22 - 2017-08-28 16:28 - 000000000 ____D C:\Users\Líba\AppData\Local\ESET
2017-10-01 18:21 - 2017-08-28 09:09 - 000002326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-01 18:19 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\GroupPolicy
2017-09-25 20:34 - 2017-08-25 21:47 - 000345880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-25 19:53 - 2017-08-28 15:43 - 000000000 ____D C:\Users\Líba\AppData\Roaming\uTorrent
2017-09-25 19:26 - 2017-08-28 16:28 - 000000000 ____D C:\Users\Líba\AppData\Roaming\ESET
2017-09-25 17:39 - 2017-08-30 15:17 - 000000000 ____D C:\Users\Líba\Documents\HiSuite
2017-09-25 05:49 - 2015-10-30 09:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-25 05:45 - 2017-08-28 17:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-20 16:50 - 2017-08-25 22:46 - 000000000 ____D C:\Windows\Panther
2017-09-19 18:16 - 2017-08-28 21:09 - 000000000 ____D C:\ProgramData\KMSAutoS
2017-09-18 15:41 - 2017-08-28 14:04 - 000000000 ____D C:\Users\Líba\AppData\Roaming\FileZilla
2017-09-18 10:54 - 2017-08-28 21:59 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-17 18:21 - 2017-08-28 20:59 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-09-17 18:21 - 2017-08-28 20:59 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-09-17 17:47 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\rescache
2017-09-15 07:37 - 2017-08-25 14:21 - 000003372 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-306088123-3753404819-704058302-1001
2017-09-15 07:37 - 2017-08-25 14:19 - 000002384 _____ C:\Users\Líba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 07:37 - 2017-08-25 14:19 - 000000000 ___RD C:\Users\Líba\OneDrive
2017-09-14 19:54 - 2017-08-28 22:07 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-14 19:34 - 2015-10-30 09:11 - 000000000 ____D C:\Windows\CbsTemp
2017-09-14 18:55 - 2017-08-25 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___SD C:\Windows\system32\F12
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ___RD C:\Windows\DevicesFlow
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Windows\system32\oobe
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files\Windows Defender
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 21:52 - 2015-10-30 09:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-13 16:55 - 2017-08-28 14:36 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 16:51 - 2017-08-28 14:36 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-12 15:34 - 2017-08-25 14:16 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Adobe
2017-09-11 22:35 - 2017-08-28 21:57 - 000000000 ____D C:\Users\Líba\AppData\Local\Adobe
2017-09-11 16:51 - 2017-08-28 21:58 - 000000000 ____D C:\ProgramData\Adobe
2017-09-11 16:22 - 2017-08-28 16:02 - 000000000 ____D C:\Users\Líba\Desktop\sukně a střihy
2017-09-11 09:20 - 2017-08-28 10:35 - 000000000 ____D C:\Program Files (x86)\totalcmd

==================== Files in the root of some directories =======

2017-08-29 12:43 - 2017-08-29 12:43 - 002106893 _____ () C:\Users\Líba\AppData\Roaming\langInstall.exe
2017-10-01 18:13 - 2017-10-01 18:13 - 000011568 _____ () C:\Users\Líba\AppData\Local\InstallationConfiguration.xml
2017-10-01 18:13 - 2017-10-01 18:13 - 000140800 _____ () C:\Users\Líba\AppData\Local\installer.dat

Some files in TEMP:
====================
2017-09-18 10:55 - 2017-09-18 10:55 - 000024576 _____ () C:\Users\Líba\AppData\Local\Temp\instac.exe
2017-10-01 18:24 - 2017-10-01 18:24 - 000374181 _____ (WeMonetize ) C:\Users\Líba\AppData\Local\Temp\QYUN6IT.exe
2017-10-01 16:33 - 2017-10-01 16:33 - 013489912 _____ (Reimage) C:\Users\Líba\AppData\Local\Temp\ReimagePackage.exe
2017-09-18 10:55 - 2017-09-18 10:55 - 000617984 _____ () C:\Users\Líba\AppData\Local\Temp\SetupInstaller.exe
2016-08-16 09:48 - 2016-08-16 09:48 - 000488960 _____ () C:\Users\Líba\AppData\Local\Temp\sqlite3.exe
2017-09-18 10:04 - 2017-09-18 10:04 - 000089576 _____ () C:\Users\Líba\AppData\Local\Temp\vsdel.exe
2017-09-18 10:55 - 2017-09-18 10:55 - 004101056 _____ () C:\Users\Líba\AppData\Local\Temp\XvidCodecInstall.exe
2017-09-25 19:46 - 2017-10-03 16:33 - 000534528 _____ () C:\Users\Líba\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\026D606F.sys
C:\Windows\System32\Drivers\1ADF64B3.sys
C:\Windows\System32\Drivers\305551FB.sys
C:\Windows\System32\Drivers\35CE5447.sys
C:\Windows\System32\Drivers\3E3855B8.sys
C:\Windows\System32\Drivers\4F266BB8.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\026D606F.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\1ADF64B3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\305551FB.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\35CE5447.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\3E3855B8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\4F266BB8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\VB Checkbow Tabs.job => rundll32.exe C:\Program Files\VB Checkbow Tabs\VB Checkbow Tabs.dll

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\L¡ba\Desktop" je 5700 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 06 říj 2017 21:44 
Offline
Moderátor
Moderátor

Registrován: 05 pro 2009 20:08
Příspěvky: 21607
Bydliště: Ostrava
:arrow: Postupujte podle navodu kolegy
vyosek píše:
:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte



:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 08 říj 2017 08:43 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
JRT - software tohoto vydavatele byl zablokován a nesmí být v počítači spuštěn...


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 08 říj 2017 10:58 
Offline
Moderátor
Moderátor

Registrován: 05 pro 2009 20:08
Příspěvky: 21607
Bydliště: Ostrava
Muzete mi rict, jak se vam to povedlo takhle za....? :-D Je ten system aspon legalni? :?:

Nejdrive pouzijte tento skript pro FRST a potom zkuste spustit MBAM


:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód:
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [bbqskugrdz1] => "C:\Users\Líba\AppData\Roaming\m2b4lp5a3py\qyzcha4eu34.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [7X1LS8QYZ6UJNIW] => "C:\Program Files\7U7TRGECCX\7U7TRGECC.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [iud3n1tqz45] => "C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn\1rwfu4rgpr5.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [st5s03echcg] => "C:\Users\Líba\AppData\Roaming\o2vmp42dmwv\fukpsqgxefj.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [sl1lavbyefn] => "C:\Users\Líba\AppData\Roaming\bvskreypyxn\lhuos2op3qi.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [YQYGSRJL7OKDL0V] => "C:\Program Files\GC7L3SEWVN\R1KAI1FMB.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [TWU27P2S5ABJBL0] => "C:\Program Files\KGGZZPL3AX\KGGZZPL3A.exe"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Users\Líba\AppData\Roaming\tmp546.dat -> No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION

C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
C:\Program Files\7U7TRGECCX
C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
C:\Users\Líba\AppData\Roaming\bvskreypyxn
C:\Program Files\GC7L3SEWVN
C:\Program Files\KGGZZPL3AX

AutoConfigURL: [S-1-5-21-306088123-3753404819-704058302-1001] => hxxp://webunstop.net/wpad.dat?fdf7fb351 ... a335892267

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

CHR DefaultSearchURL: Default -> hxxps://search.randomwalktab.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Random Walk Shapes
CHR DefaultSuggestURL: Default -> hxxps://randomwalktab.com/suggestions.php?q={searchTerms}

S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-08-25] () [File not signed]
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

C:\Windows\system32\drivers\026D606F.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\1ADF64B3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\305551FB.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\35CE5447.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\3E3855B8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\4F266BB8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\VB Checkbow Tabs.job => rundll32.exe C:\Program Files\VB Checkbow Tabs\VB Checkbow Tabs.dll

2017-10-02 23:12 - 2017-10-02 23:12 - 000000000 _____ C:\Windows\system32\Drivers\4F266BB8.sys
2017-10-02 23:03 - 2017-10-02 23:03 - 000000000 _____ C:\Windows\system32\Drivers\1ADF64B3.sys
2017-10-02 20:10 - 2017-10-02 20:10 - 000000000 _____ C:\Windows\system32\Drivers\026D606F.sys
2017-10-02 19:56 - 2017-10-02 19:56 - 000000000 _____ C:\Windows\system32\Drivers\3E3855B8.sys
2017-10-02 19:54 - 2017-10-02 19:54 - 000000000 _____ C:\Windows\system32\Drivers\35CE5447.sys
2017-10-02 19:51 - 2017-10-02 19:51 - 000000000 _____ C:\Windows\system32\Drivers\305551FB.sys
2017-10-01 18:25 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\KGGZZPL3AX
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\GC7L3SEWVN
2017-10-01 18:25 - 2017-10-02 20:36 - 000000000 ____D C:\ProgramData\DreamScreen
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\bvskreypyxn
2017-10-01 18:25 - 2017-10-01 18:56 - 000000000 ____D C:\Users\Líba\AppData\Roaming\System Healer
2017-10-01 18:25 - 2017-10-01 18:25 - 000003434 _____ C:\Windows\System32\Tasks\SystemHealer Monitor
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamScreen
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\ProgramData\CupCheck
2017-10-01 18:24 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-10-01 18:24 - 2017-10-03 07:21 - 000000000 ____D C:\Program Files\7U7TRGECCX
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G3.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G2.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G1.job
2017-10-01 18:12 - 2017-10-06 10:21 - 000000414 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-10-01 18:12 - 2017-10-01 18:18 - 000003308 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G3
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G2
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G1
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microleaves
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Local\AdvinstAnalytics
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Program Files (x86)\Microleaves

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 08 říj 2017 14:50 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2017
Ran by Líba (08-10-2017 12:21:54) Run:1
Running from C:\Users\Líba\Desktop
Loaded Profiles: Líba (Available Profiles: Líba)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SERVICE] => [X]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\ DisallowedCertificates: 03D22C9C66915D58C88912B64C1F984B8344EF09 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 0F684EC1163281085C6AF20528878103ACEFCAAB (F-Secure Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 1667908C9E22EFBD0590E088715CC74BE4C60884 (FRISK Software International/F-Prot) <==== ATTENTION
HKLM\ DisallowedCertificates: 18DEA4EFA93B06AE997D234411F3FD72A677EECE (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: 2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF (G DATA Software AG) <==== ATTENTION
HKLM\ DisallowedCertificates: 249BDA38A611CD746A132FA2AF995A2D3C941264 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 31AC96A6C17C425222C46D55C3CCA6BA12E54DAF (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: 331E2046A1CCA7BFEF766724394BE6112B4CA3F7 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: 3353EA609334A9F23A701B9159E30CB6C22D4C59 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 373C33726722D3A5D1EDD1F1585D5D25B39BEA1A (SUPERAntiSpyware.com) <==== ATTENTION
HKLM\ DisallowedCertificates: 3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: 3D496FA682E65FC122351EC29B55AB94F3BB03FC (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: 4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 (PC Tools) <==== ATTENTION
HKLM\ DisallowedCertificates: 42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 4420C99742DF11DD0795BC15B7B0ABF090DC84DF (Doctor Web Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 5240AB5B05D11B37900AC7712A3C6AE42F377C8C (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 5DD3D41810F28B2A13E9A004E6412061E28FA48D (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 7457A3793086DBB58B3858D6476889E3311E550E (K7 Computing Pvt Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 76A9295EF4343E12DFC5FE05DC57227C1AB00D29 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 775B373B33B9D15B58BC02B184704332B97C3CAF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 872CD334B7E7B3C3D1C6114CD6B221026D505EAB (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 88AD5DFE24126872B33175D1778687B642323ACF (McAfee) <==== ATTENTION
HKLM\ DisallowedCertificates: 9132E8B079D080E01D52631690BE18EBC2347C1E (Adaware Software) <==== ATTENTION
HKLM\ DisallowedCertificates: 982D98951CF3C0CA2A02814D474A976CBFF6BDB1 (Safer Networking Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 (Webroot Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C43F665E690AB4D486D4717B456C5554D4BCEB5 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: 9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 (CURIOLAB S.M.B.A.) <==== ATTENTION
HKLM\ DisallowedCertificates: A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: A5341949ABE1407DD7BF7DFE75460D9608FBC309 (BullGuard Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: A59CC32724DD07A6FC33F7806945481A2D13CA2F (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: AD96BB64BA36379D2E354660780C2067B81DA2E0 (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 (Malwarebytes Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: CDC37C22FE9272D8F2610206AD397A45040326B8 (Trend Micro) <==== ATTENTION
HKLM\ DisallowedCertificates: D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 (Kaspersky Lab) <==== ATTENTION
HKLM\ DisallowedCertificates: DB303C9B61282DE525DC754A535CA2D6A9BD3D87 (ThreatTrack Security) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E22240E837B52E691C71DF248F12D27F96441C00 (Total Defense, Inc.) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: ED841A61C0F76025598421BC1B00E24189E68D54 (Bitdefender SRL) <==== ATTENTION
HKLM\ DisallowedCertificates: F83099622B4A9F72CB5081F742164AD1B8D048C9 (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: FBB42F089AF2D570F2BF6F493D107A3255A9BB1A (Panda Security S.L) <==== ATTENTION
HKLM\ DisallowedCertificates: FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 (Doctor Web Ltd.) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [bbqskugrdz1] => "C:\Users\Líba\AppData\Roaming\m2b4lp5a3py\qyzcha4eu34.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [7X1LS8QYZ6UJNIW] => "C:\Program Files\7U7TRGECCX\7U7TRGECC.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [iud3n1tqz45] => "C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn\1rwfu4rgpr5.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [st5s03echcg] => "C:\Users\Líba\AppData\Roaming\o2vmp42dmwv\fukpsqgxefj.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [sl1lavbyefn] => "C:\Users\Líba\AppData\Roaming\bvskreypyxn\lhuos2op3qi.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [YQYGSRJL7OKDL0V] => "C:\Program Files\GC7L3SEWVN\R1KAI1FMB.exe"
HKU\S-1-5-21-306088123-3753404819-704058302-1001\...\Run: [TWU27P2S5ABJBL0] => "C:\Program Files\KGGZZPL3AX\KGGZZPL3A.exe"
IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe
IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\Users\Líba\AppData\Roaming\tmp546.dat -> No File
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION

C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
C:\Program Files\7U7TRGECCX
C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
C:\Users\Líba\AppData\Roaming\bvskreypyxn
C:\Program Files\GC7L3SEWVN
C:\Program Files\KGGZZPL3AX

AutoConfigURL: [S-1-5-21-306088123-3753404819-704058302-1001] => hxxp://webunstop.net/wpad.dat?fdf7fb351 ... a335892267

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

CHR DefaultSearchURL: Default -> hxxps://search.randomwalktab.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Random Walk Shapes
CHR DefaultSuggestURL: Default -> hxxps://randomwalktab.com/suggestions.php?q={searchTerms}

S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2017-08-25] () [File not signed]
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]

C:\Windows\system32\drivers\026D606F.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\1ADF64B3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\305551FB.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\35CE5447.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\3E3855B8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
C:\Windows\system32\drivers\4F266BB8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

Task: C:\Windows\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\Windows\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\VB Checkbow Tabs.job => rundll32.exe C:\Program Files\VB Checkbow Tabs\VB Checkbow Tabs.dll

2017-10-02 23:12 - 2017-10-02 23:12 - 000000000 _____ C:\Windows\system32\Drivers\4F266BB8.sys
2017-10-02 23:03 - 2017-10-02 23:03 - 000000000 _____ C:\Windows\system32\Drivers\1ADF64B3.sys
2017-10-02 20:10 - 2017-10-02 20:10 - 000000000 _____ C:\Windows\system32\Drivers\026D606F.sys
2017-10-02 19:56 - 2017-10-02 19:56 - 000000000 _____ C:\Windows\system32\Drivers\3E3855B8.sys
2017-10-02 19:54 - 2017-10-02 19:54 - 000000000 _____ C:\Windows\system32\Drivers\35CE5447.sys
2017-10-02 19:51 - 2017-10-02 19:51 - 000000000 _____ C:\Windows\system32\Drivers\305551FB.sys
2017-10-01 18:25 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\KGGZZPL3AX
2017-10-01 18:25 - 2017-10-03 07:25 - 000000000 ____D C:\Program Files\GC7L3SEWVN
2017-10-01 18:25 - 2017-10-02 20:36 - 000000000 ____D C:\ProgramData\DreamScreen
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\o2vmp42dmwv
2017-10-01 18:25 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\bvskreypyxn
2017-10-01 18:25 - 2017-10-01 18:56 - 000000000 ____D C:\Users\Líba\AppData\Roaming\System Healer
2017-10-01 18:25 - 2017-10-01 18:25 - 000003434 _____ C:\Windows\System32\Tasks\SystemHealer Monitor
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\Users\Líba\AppData\Roaming\DreamScreen
2017-10-01 18:25 - 2017-10-01 18:25 - 000000000 ____D C:\ProgramData\CupCheck
2017-10-01 18:24 - 2017-10-03 16:03 - 000000000 ____D C:\Program Files (x86)\ShutdownTime
2017-10-01 18:24 - 2017-10-03 07:21 - 000000000 ____D C:\Program Files\7U7TRGECCX
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\m2b4lp5a3py
2017-10-01 18:24 - 2017-10-01 21:32 - 000000000 ____D C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G3.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G2.job
2017-10-01 18:12 - 2017-10-06 13:31 - 000000382 _____ C:\Windows\Tasks\Online Application V2G1.job
2017-10-01 18:12 - 2017-10-06 10:21 - 000000414 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-10-01 18:12 - 2017-10-01 18:18 - 000003308 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G3
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G2
2017-10-01 18:12 - 2017-10-01 18:18 - 000003272 _____ C:\Windows\System32\Tasks\Online Application V2G1
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Roaming\Microleaves
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Users\Líba\AppData\Local\AdvinstAnalytics
2017-10-01 18:12 - 2017-10-01 18:12 - 000000000 ____D C:\Program Files (x86)\Microleaves

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SERVICE => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\03D22C9C66915D58C88912B64C1F984B8344EF09 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\0F684EC1163281085C6AF20528878103ACEFCAAB => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1667908C9E22EFBD0590E088715CC74BE4C60884 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18DEA4EFA93B06AE997D234411F3FD72A677EECE => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\249BDA38A611CD746A132FA2AF995A2D3C941264 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\331E2046A1CCA7BFEF766724394BE6112B4CA3F7 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3353EA609334A9F23A701B9159E30CB6C22D4C59 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3850EDD77CC74EC9F4829AE406BBF9C21E0DA87F => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3D496FA682E65FC122351EC29B55AB94F3BB03FC => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4243A03DB4C3C15149CEA8B38EEA1DA4F26BD159 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42727E052C0C2E1B35AB53E1005FD9EDC9DE8F01 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4420C99742DF11DD0795BC15B7B0ABF090DC84DF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\4C0AF5719009B7C9D85C5EAEDFA3B7F090FE5FFF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5240AB5B05D11B37900AC7712A3C6AE42F377C8C => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DD3D41810F28B2A13E9A004E6412061E28FA48D => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7457A3793086DBB58B3858D6476889E3311E550E => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\76A9295EF4343E12DFC5FE05DC57227C1AB00D29 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\775B373B33B9D15B58BC02B184704332B97C3CAF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\872CD334B7E7B3C3D1C6114CD6B221026D505EAB => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\88AD5DFE24126872B33175D1778687B642323ACF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9132E8B079D080E01D52631690BE18EBC2347C1E => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\982D98951CF3C0CA2A02814D474A976CBFF6BDB1 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9A08641F7C5F2CCA0888388BE3E5DBDDAAA3B361 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C43F665E690AB4D486D4717B456C5554D4BCEB5 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9E3F95577B37C74CA2F70C1E1859E798B7FC6B13 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A1F8DCB086E461E2ABB4B46ADCFA0B48C58B6E99 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A5341949ABE1407DD7BF7DFE75460D9608FBC309 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\A59CC32724DD07A6FC33F7806945481A2D13CA2F => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD96BB64BA36379D2E354660780C2067B81DA2E0 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B8EBF0E696AF77F51C96DB4D044586E2F4F8FD84 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CDC37C22FE9272D8F2610206AD397A45040326B8 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D3F78D747E7C5D6D3AE8ABFDDA7522BFB4CBD598 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB303C9B61282DE525DC754A535CA2D6A9BD3D87 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E22240E837B52E691C71DF248F12D27F96441C00 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\ED841A61C0F76025598421BC1B00E24189E68D54 => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 => key could not remove, key could be protected
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FBB42F089AF2D570F2BF6F493D107A3255A9BB1A => key removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FFFA650F2CB2ABC0D80527B524DD3F9FC172C138 => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\bbqskugrdz1 => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\7X1LS8QYZ6UJNIW => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iud3n1tqz45 => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\st5s03echcg => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\sl1lavbyefn => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YQYGSRJL7OKDL0V => value removed successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Run\\TWU27P2S5ABJBL0 => value removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => key removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => value removed successfully
HKLM\Software\Classes\CLSID\{5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} => key removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\Líba\AppData\Roaming\m2b4lp5a3py => moved successfully
C:\Program Files\7U7TRGECCX => moved successfully
C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn => moved successfully
C:\Users\Líba\AppData\Roaming\o2vmp42dmwv => moved successfully
C:\Users\Líba\AppData\Roaming\bvskreypyxn => moved successfully
C:\Program Files\GC7L3SEWVN => moved successfully
C:\Program Files\KGGZZPL3AX => moved successfully
HKU\S-1-5-21-306088123-3753404819-704058302-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
HKLM\System\CurrentControlSet\Services\KMS-R@1n => key removed successfully
KMS-R@1n => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMFarflt => key removed successfully
MBAMFarflt => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => key removed successfully
MBAMSwissArmy => service removed successfully
"C:\Windows\system32\drivers\026D606F.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
"C:\Windows\system32\drivers\1ADF64B3.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
"C:\Windows\system32\drivers\305551FB.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
"C:\Windows\system32\drivers\35CE5447.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
"C:\Windows\system32\drivers\3E3855B8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
"C:\Windows\system32\drivers\4F266BB8.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION" => not found.
C:\Windows\Tasks\Online Application V2G1.job => moved successfully
C:\Windows\Tasks\Online Application V2G2.job => moved successfully
C:\Windows\Tasks\Online Application V2G3.job => moved successfully
C:\Windows\Tasks\Updater_Online_Application.job => moved successfully
C:\Windows\Tasks\VB Checkbow Tabs.job => moved successfully
C:\Windows\system32\Drivers\4F266BB8.sys => moved successfully
C:\Windows\system32\Drivers\1ADF64B3.sys => moved successfully
C:\Windows\system32\Drivers\026D606F.sys => moved successfully
C:\Windows\system32\Drivers\3E3855B8.sys => moved successfully
C:\Windows\system32\Drivers\35CE5447.sys => moved successfully
C:\Windows\system32\Drivers\305551FB.sys => moved successfully
C:\Program Files (x86)\SystemHealer => moved successfully
"C:\Program Files\KGGZZPL3AX" => not found.
"C:\Program Files\GC7L3SEWVN" => not found.
C:\ProgramData\DreamScreen => moved successfully
"C:\Users\Líba\AppData\Roaming\o2vmp42dmwv" => not found.
"C:\Users\Líba\AppData\Roaming\bvskreypyxn" => not found.
C:\Users\Líba\AppData\Roaming\System Healer => moved successfully
C:\Windows\System32\Tasks\SystemHealer Monitor => moved successfully
C:\Users\Líba\AppData\Roaming\DreamScreen => moved successfully
C:\ProgramData\CupCheck => moved successfully
C:\Program Files (x86)\ShutdownTime => moved successfully
"C:\Program Files\7U7TRGECCX" => not found.
"C:\Users\Líba\AppData\Roaming\m2b4lp5a3py" => not found.
"C:\Users\Líba\AppData\Roaming\0hbzbh5d3sn" => not found.
"C:\Windows\Tasks\Online Application V2G3.job" => not found.
"C:\Windows\Tasks\Online Application V2G2.job" => not found.
"C:\Windows\Tasks\Online Application V2G1.job" => not found.
"C:\Windows\Tasks\Updater_Online_Application.job" => not found.
C:\Windows\System32\Tasks\Updater_Online_Application => moved successfully
C:\Windows\System32\Tasks\Online Application V2G3 => moved successfully
C:\Windows\System32\Tasks\Online Application V2G2 => moved successfully
C:\Windows\System32\Tasks\Online Application V2G1 => moved successfully
C:\Users\Líba\AppData\Roaming\Microleaves => moved successfully
C:\Users\Líba\AppData\Local\AdvinstAnalytics => moved successfully
C:\Program Files (x86)\Microleaves => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32013365 B
Java, Flash, Steam htmlcache => 893 B
Windows/system/drivers => 2280818 B
Edge => 570097 B
Chrome => 267642315 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 49926 B
systemprofile32 => 128 B
LocalService => 992416 B
NetworkService => 164248176 B
Líba => 394511680 B

RecycleBin => 0 B
EmptyTemp: => 822.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-10-2017 12:27:31)


Result of scheduled keys to remove after reboot:

HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F83099622B4A9F72CB5081F742164AD1B8D048C9 => key removed successfully

==== End of Fixlog 12:27:31 ====


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 12 říj 2017 09:18 
Offline
Moderátor
Moderátor

Registrován: 05 pro 2009 20:08
Příspěvky: 21607
Bydliště: Ostrava
:???: Tak jak to vypada s tim MBAM? Jede? Nebo nejde spustit?

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 13 říj 2017 10:04 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
jde spustit


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 13 říj 2017 10:25 
Offline
Návštěvník
Návštěvník

Registrován: 20 črc 2015 07:18
Příspěvky: 39
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 13.10.17
Čas skenování: 11:08
Logovací soubor: 164a9bc4-aff6-11e7-a77e-90004ef5ab17.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3005
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 10586.1176)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-B7MNK66\L\u00c3\u00adba

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 331736
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 15 min, 16 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
Adware.Linkury.TskLnk, C:\USERS\LíBA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Žádná uživatelská akce, [3946], [444923],1.0.3005

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


Nahoru
 Profil  
Odpovědět s citací  
 Předmět příspěvku: Re: zavirováno
PříspěvekNapsal: 14 říj 2017 07:22 
Offline
Moderátor
Moderátor

Registrován: 05 pro 2009 20:08
Příspěvky: 21607
Bydliště: Ostrava
:arrow: Nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (ale tentokrat opravdu se spravnym nastavenim - tohle byl jen Sken hrozeb, ten nekontroluje cely pocitac, ja chtel Vlastni sken vsech disku), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

_________________
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).


Nahoru
 Profil  
Odpovědět s citací  
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Odpovědět na téma  [ Příspěvků: 12 ] 

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Přispějete na provoz fóra?
>