Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Počítač se sám restartuje

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Shaft
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 10 kvě 2017 10:31

Počítač se sám restartuje

#1 Příspěvek od Shaft »

Dobrý den,

chtěl bych poprosit o pomoct. Již asi měsíc se PC sám od sebe restartuje (předchází tomu zamrznutí) vždy třeba po 2-3 dnech. Počítač je starý 8 měsíců, tak by to snad nic s HW nemělo být. Děkuji a přikládám log z RSIT

Logfile of random's system information tool 1.16 (written by random/random)
Run by DomaBen at 2018-01-15 16:00:55
Microsoft Windows 10 Home
System drive C: has 579 GB (61%) free of 953 GB
Total RAM: 8140 MB (55% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:00:58, on 15.01.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
C:\ProgramData\Battle.net\Agent\Agent.5996\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
C:\Program Files\trend micro\DomaBen_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 61721D3146
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [MSIRegister] "C:\MSI\MSIRegister\MSIRegister.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\DomaBen\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\DomaBen\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Discord] C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\system32\IntelCpHDCPSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSIREGISTER_MR - Micro-Star INT'L CO., LTD. - C:\MSI\MSIRegister\MSIRegisterService.exe
O23 - Service: MSISleep - Unknown owner - C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 9479 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Tube Catalog\Tube Catalog.dll",rbZGFjhhSI
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\MSI\MSIRegister\MSIRegisterService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\ctfmon.exe
"C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\MSI\Live Update\Live Update.exe" /REMINDER
"C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe" --type=gpu-process --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,20,23,26,40,71 --gpu-vendor-id=0x1002 --gpu-device-id=0x67ef --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.677.257 --gpu-driver-date=9-22-2017 --service-request-channel-token=99544DFCB8E07501C63A26080F8229B3 --mojo-platform-channel-handle=1600 /prefetch:2
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe" --type=renderer --no-sandbox --primordial-pipe-token=0CFF4CED35A4682DBAD9FD75C94A3D26 --lang=cs --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\resources\app.asar" --node-integration=true --background-color=#282b30 --enable-blink-features=EnumerateDevices,AudioOutputDevices --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=0CFF4CED35A4682DBAD9FD75C94A3D26 --renderer-client-id=6 --mojo-platform-channel-handle=2572 /prefetch:1
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8730.21725.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8730.21725.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\Windows.WARP.JITService.exe 8c491339-7d7e-4e52-8904-049275d30c52 S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915 S-1-5-21-846297262-2386938783-804682285-1005 552
C:\WINDOWS\system32\Windows.WARP.JITService.exe 8c49133a-7d7e-4e52-8904-049275d30c52 S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915 S-1-5-21-846297262-2386938783-804682285-1005 604
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\Windows.WARP.JITService.exe 8c491347-7d7e-4e52-8904-049275d30c52 S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915 S-1-5-21-846297262-2386938783-804682285-1005 920
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\ProgramData\Battle.net\Agent\Agent.5996\Agent.exe" --locale=enUS --session=16963509477168794118
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --game=diablo3_enus "--gamepath=C:\Program Files (x86)\Diablo III"
C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x2c4
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\Windows.WARP.JITService.exe 8c491349-7d7e-4e52-8904-049275d30c52 S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915 S-1-5-21-846297262-2386938783-804682285-1005 936
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-846297262-2386938783-804682285-1005184_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-846297262-2386938783-804682285-1005184 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 736 744 752 8192 748
C:\WINDOWS\system32\Windows.WARP.JITService.exe 8c49134b-7d7e-4e52-8904-049275d30c52 S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-4256926629-1688279915-2739229046-3928706915 S-1-5-21-846297262-2386938783-804682285-1005 764
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\DomaBen\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RSITx64.exe"

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-846297262-2386938783-804682285-1005 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1506273011 - C:\Users\DomaBen\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Overwolf Updater Task - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
C:\WINDOWS\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\WINDOWS\system32\tasks\Tube Catalog - C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Tube Catalog\Tube Catalog.dll",rbZGFjhhSI
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{16084371-2B92-4938-9501-352E6094AD44} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{4B834254-3329-4E1F-8051-0910916CA91F} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{632FA941-D6C6-45C4-A575-20AB4C1DC63D} - "c:\windows\system32\launchwinapp.exe" https://ui.skype.com/ui/0/7.40.0.104/cs ... rogressBar
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe

=========Google Chrome=========

C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam pro Chrome - Email 4.1.1
Extension blmojkbhnkkphngknkmgccmlenfaelkd 0 Seznam pro Chrome - Esko- 4.1.1
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension dgbldpiollgaehnlegmfhioconikkjjh 1 Trustnav adblocker 1.1
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension hgjdbeiflalimgifllheflljdconlbig 1 Trustnav Safesearch 2.1
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.5
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam pro Chrome - Esko 4.1.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6317.1002.0.5
Homepage:
default_search_provider.search_url:
C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-24 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-24 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-12-09 9181696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\DomaBen\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-10 1551048]
"cz.seznam.software.autoupdate"=C:\Users\DomaBen\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
"Discord"=C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe [2018-01-08 57821176]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2015-04-22 759120]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2016-11-21 1022928]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2017-11-01 26107576]
"MSIRegister"=C:\MSI\MSIRegister\MSIRegister.exe [2017-07-11 1262544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-01-12 17:24:25 ----D---- C:\WINDOWS\system32\drivers\wd
2018-01-04 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-01-04 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-01-04 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-01-04 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-01-04 22:29:04 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-01-04 22:29:03 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-01-04 22:29:02 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-01-04 22:29:02 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-01-04 22:29:01 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\hal.dll
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-01-04 22:29:01 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-01-04 22:29:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-01-04 22:29:00 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-01-04 22:28:59 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-04 22:28:59 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-01-04 22:28:58 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-01-04 22:28:58 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-01-04 22:28:58 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-01-04 22:28:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-01-04 22:28:57 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\jscript.dll
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-01-04 22:28:57 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-01-04 22:28:56 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-01-04 22:28:56 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-01-04 22:28:56 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-01-04 22:28:56 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-01-04 22:28:56 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-01-04 22:28:56 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-01-04 22:28:55 ----A---- C:\WINDOWS\system32\services.exe
2018-01-04 22:28:55 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-01-04 22:28:55 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\wininet.dll
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\msIso.dll
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-01-04 22:28:54 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-01-04 22:28:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-01-04 22:28:52 ----A---- C:\WINDOWS\system32\wmp.dll
2018-01-04 22:28:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-01-04 22:28:52 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-01-04 22:28:51 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-01-04 22:28:51 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-01-04 22:28:51 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-01-04 22:28:50 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-01-04 22:28:50 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-01-04 22:28:49 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-01-04 22:28:49 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-01-04 22:28:49 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-01-04 22:28:49 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-01-04 22:28:48 ----A---- C:\WINDOWS\system32\wow64.dll
2018-01-04 22:28:48 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-01-04 22:28:48 ----A---- C:\WINDOWS\system32\shell32.dll
2018-01-04 22:28:48 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-01-04 22:28:48 ----A---- C:\WINDOWS\explorer.exe
2018-01-04 22:28:47 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-01-04 22:28:47 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-01-04 22:28:46 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-04 22:28:44 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-04 22:28:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-01-04 22:28:43 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-04 22:28:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-01-04 22:28:43 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-01-04 22:28:42 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-01-04 22:28:42 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-01-04 22:28:42 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-01-04 22:28:41 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\winload.exe
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\vac.exe
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-01-04 22:28:41 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-01-04 22:28:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-01-04 22:28:40 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-01-04 22:28:40 ----A---- C:\WINDOWS\system32\provtool.exe
2018-01-04 22:28:40 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-01-04 22:28:40 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-01-04 22:28:40 ----A---- C:\WINDOWS\system32\provengine.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\ole32.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\InputService.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\ieui.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\EncDec.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-01-04 22:28:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\SYSWOW64\EncDec.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\winresume.exe
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-01-04 22:28:37 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-01-04 22:28:36 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\skci.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\mfps.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\container.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-04 22:28:35 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-01-04 22:28:34 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\P2P.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\efscore.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-01-04 22:28:33 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\provdatastore.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\msoert2.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-01-04 22:28:31 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-01-04 22:28:30 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll

====== List of files/folders modified in the last 1 month ======

2018-01-15 16:00:57 ----D---- C:\Program Files\trend micro
2018-01-15 16:00:37 ----D---- C:\WINDOWS\Prefetch
2018-01-15 15:55:00 ----D---- C:\WINDOWS\system32\sru
2018-01-15 15:47:27 ----D---- C:\WINDOWS\Temp
2018-01-15 15:25:54 ----AD---- C:\Program Files (x86)\World of Warcraft
2018-01-15 14:47:46 ----AD---- C:\Program Files (x86)\Battle.net
2018-01-15 11:47:22 ----D---- C:\WINDOWS\system32\SleepStudy
2018-01-15 11:32:26 ----SHD---- C:\System Volume Information
2018-01-15 10:52:44 ----D---- C:\WINDOWS\system32\LogFiles
2018-01-14 21:22:32 ----D---- C:\Program Files (x86)\Steam
2018-01-14 20:42:41 ----D---- C:\WINDOWS\Logs
2018-01-14 20:40:55 ----RD---- C:\WINDOWS\Microsoft.NET
2018-01-14 20:18:09 ----AD---- C:\Program Files (x86)\Heroes of the Storm
2018-01-14 19:23:18 ----D---- C:\Games
2018-01-14 19:23:00 ----HD---- C:\Program Files\WindowsApps
2018-01-14 19:23:00 ----D---- C:\WINDOWS\AppReadiness
2018-01-14 18:37:24 ----D---- C:\WINDOWS\system32\config
2018-01-14 18:16:14 ----D---- C:\WINDOWS\WinSxS
2018-01-14 18:16:05 ----D---- C:\WINDOWS\system32\catroot2
2018-01-14 18:15:32 ----D---- C:\WINDOWS\CbsTemp
2018-01-14 14:29:18 ----D---- C:\WINDOWS\DeliveryOptimization
2018-01-14 13:33:20 ----D---- C:\Users\DomaBen\AppData\Roaming\.minecraft
2018-01-13 22:58:05 ----D---- C:\Users\DomaBen\AppData\Roaming\uTorrent
2018-01-12 22:33:51 ----D---- C:\Users\DomaBen\AppData\Roaming\Skype
2018-01-12 19:54:57 ----D---- C:\WINDOWS\Minidump
2018-01-12 19:35:06 ----AD---- C:\Program Files (x86)\Overwatch
2018-01-12 17:30:55 ----D---- C:\WINDOWS\System32
2018-01-12 17:30:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-12 17:24:25 ----D---- C:\WINDOWS\system32\drivers
2018-01-12 17:24:25 ----AD---- C:\Program Files (x86)\Hi-Rez Studios
2018-01-12 17:24:03 ----D---- C:\Windows
2018-01-11 20:21:07 ----D---- C:\Users\DomaBen\AppData\Roaming\TS3Client
2018-01-10 12:18:09 ----D---- C:\WINDOWS\system32\Tasks
2018-01-09 19:59:36 ----D---- C:\WINDOWS\system32\MRT
2018-01-09 19:57:47 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-09 19:57:40 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-09 19:57:29 ----D---- C:\WINDOWS\SysWOW64
2018-01-09 15:17:28 ----D---- C:\Users\DomaBen\AppData\Roaming\discord
2018-01-08 16:54:01 ----D---- C:\WINDOWS\system32\DriverStore
2018-01-08 13:59:00 ----D---- C:\WINDOWS\rescache
2018-01-08 13:56:54 ----RSD---- C:\WINDOWS\assembly
2018-01-05 17:04:09 ----AD---- C:\Program Files (x86)\Overwatch Test
2018-01-05 15:31:55 ----D---- C:\WINDOWS\INF
2018-01-04 22:42:55 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-01-04 22:42:55 ----D---- C:\WINDOWS\TextInput
2018-01-04 22:42:55 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-01-04 22:42:55 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-01-04 22:42:54 ----SD---- C:\WINDOWS\system32\F12
2018-01-04 22:42:54 ----RSD---- C:\WINDOWS\Fonts
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\oobe
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\migwiz
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\migration
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\en-US
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\Dism
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\Boot
2018-01-04 22:42:54 ----D---- C:\WINDOWS\system32\appraiser
2018-01-04 22:42:54 ----D---- C:\WINDOWS\Provisioning
2018-01-04 22:42:54 ----D---- C:\WINDOWS\apppatch
2018-01-04 22:42:54 ----D---- C:\Program Files\internet explorer
2018-01-04 22:42:54 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-04 22:30:54 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-01-04 22:30:25 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-01-04 22:30:21 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2017-12-30 21:15:56 ----D---- C:\Program Files (x86)\Mr DJ
2017-12-28 12:03:28 ----D---- C:\Users\DomaBen\AppData\Roaming\EasyAntiCheat
2017-12-24 22:54:54 ----D---- C:\ProgramData\Oracle
2017-12-24 22:54:42 ----SHDC---- C:\WINDOWS\Installer
2017-12-24 22:54:41 ----SHD---- C:\Config.Msi
2017-12-24 22:54:40 ----D---- C:\Program Files (x86)\Java
2017-12-24 22:54:22 ----D---- C:\Program Files (x86)\Common Files
2017-12-24 22:53:27 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2017-12-24 22:53:21 ----RD---- C:\Program Files (x86)
2017-12-22 14:45:56 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-12-20 20:51:22 ----D---- C:\WINDOWS\SYSWOW64\directx
2017-12-20 20:50:25 ----HD---- C:\WINDOWS\msdownld.tmp
2017-12-19 13:34:59 ----SD---- C:\ProgramData\Microsoft
2017-12-18 20:51:08 ----D---- C:\WINDOWS\system32\WDI
2017-12-18 20:48:52 ----RSD---- C:\WINDOWS\media
2017-12-18 20:25:34 ----D---- C:\Program Files (x86)\Zrychleni Pocitace

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 amdkmpfd;@oem32.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-06-04 73976]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 MpKsl87d401bf;MpKsl87d401bf; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{58586AE1-7225-4F3D-B457-FC37405CF824}\MpKsl87d401bf.sys [2018-01-15 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [2017-10-13 38774688]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [2017-10-13 549792]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-03-17 25816]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2012-10-26 13368]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
R3 rt640x64;@oem47.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-05-17 937728]
S0 amdkmafd;@oem30.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-07-28 40720]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 amdkmcsp;AMD Kernel Mode CSP Service; C:\WINDOWS\System32\drivers\amdkmcsp.sys [2015-06-23 101104]
S3 amdpsp;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2015-06-23 277240]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 AtiHDAudioService;@oem80.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-04-26 110096]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-03-16 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-03-16 47672]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2017-09-29 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS2_I2C;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2015-06-16 185128]
S3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2015-06-16 281896]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-03-17 64216]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-01-01 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-10-13 560544]
R2 CDPUserSvc_4fd8bbd;Uživatelská služba platformy připojených zařízení_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-09-20 9728]
R2 MSI_FastBoot;MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2015-06-04 105296]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2017-11-01 2304696]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2016-11-21 163792]
R2 MSIREGISTER_MR;MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [2017-07-11 128976]
R2 MSISleep;MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [2013-04-29 282624]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-06-17 937616]
R2 OneSyncSvc_4fd8bbd;Hostitel synchronizace_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R2 tbaseprovisioning;tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [2015-06-23 60432]
R3 PimIndexMaintenanceSvc_4fd8bbd;Data kontaktů_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-12-08 6998536]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [2015-10-06 595560]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_4fd8bbd;Tok zařízení_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2017-08-03 382504]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-30 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_4fd8bbd;Služba zasílání zpráv_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-11-12 1451336]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_4fd8bbd;PrintWorkflow_4fd8bbd; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-12-15 1644832]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Počítač se sám restartuje

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Shaft
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 10 kvě 2017 10:31

Re: Počítač se sám restartuje

#3 Příspěvek od Shaft »

Zdravím,

přikládám log.

# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 16 13:01:56 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Zrychleni Pocitace
Deleted: C:\Users\DomaBen\AppData\Roaming\PCPRJ
Deleted: C:\Users\DomaBen\AppData\Local\Tencent
Deleted: C:\Users\DomaBen\AppData\Local\Поиcк в Интeрнете
Deleted: C:\Users\DomaBen\AppData\Local\Вoйти в Интeрнет


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mail.ru
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\meteorologicke-stanice.heureka.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\meteorologicke-stanice.heureka.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.akcniceny.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKLM\SOFTWARE\PC
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\PC
Deleted: [Key] - HKCU\Software\PC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKCU\Software\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKCU\Software\Microsoft\{1f7ee1a8-4436-4ffc-b97b-b5b01e87d3d2}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|gplyra
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\directx.cs.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\gamers-academy.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\microsoft-powerpoint.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\the-sims-4.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\the-walking-dead.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\directx.cs.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\gamers-academy.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\microsoft-powerpoint.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\the-sims-4.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\the-walking-dead.en.softonic.com
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\NetBox
Deleted: [Key] - HKCU\Software\NetBox
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\msaver
Deleted: [Key] - HKCU\Software\msaver
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKCU\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Hotspot
Deleted: [Key] - HKCU\Software\Hotspot
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Xpom
Deleted: [Key] - HKCU\Software\Xpom
Deleted: [Key] - HKLM\SOFTWARE\Mail.Ru
Deleted: [Key] - HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
Deleted: [Key] - HKLM\SOFTWARE\PCPRJ
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\PCPRJ
Deleted: [Key] - HKCU\Software\PCPRJ
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Amigo
Deleted: [Key] - HKCU\Software\Amigo
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Installer
Deleted: [Key] - HKCU\Software\Installer
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Microsoft\PrAmNP
Deleted: [Key] - HKCU\Software\Microsoft\PrAmNP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted: [Key] - HKU\S-1-5-21-846297262-2386938783-804682285-1005\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\FileSystemDriver
Deleted: [Key] - HKLM\SOFTWARE\DllKitPRO
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [11375 B] - [2018/1/16 13:0:27]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Počítač se sám restartuje

#4 Příspěvek od Rudy »

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Shaft
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 10 kvě 2017 10:31

Re: Počítač se sám restartuje

#5 Příspěvek od Shaft »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2018
Ran by DomaBen (administrator) on DESKTOP-DCS8FIB (16-01-2018 18:09:04)
Running from C:\Users\DomaBen\Desktop
Loaded Profiles: DomaBen (Available Profiles: DomaBen)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Discord Inc.) C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Discord Inc.) C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Discord Inc.) C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5996\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.9747\Battle.net Helper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(forum.viry.cz) C:\Users\DomaBen\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-11-21] (MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26107576 2017-11-01] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1262544 2017-07-11] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-846297262-2386938783-804682285-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\DomaBen\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-846297262-2386938783-804682285-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-846297262-2386938783-804682285-1005\...\Run: [Discord] => C:\Users\DomaBen\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{85ff6dd3-4c8c-470f-ab89-75e03e1b394e}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {03B2CDB6-B62A-40A3-B0AD-6EC041EE174F} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {317BE5A5-4FFE-4198-A6C0-42270FCAE32B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {6A8F0D7C-FFA2-4D66-8F6A-5DE28E7539BD} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {95F0BC9F-1FE2-4D0B-A1E6-54C76CD6111C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {C4560029-7E06-4244-AB65-FA4F62308745} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {C6928916-E205-41D5-BA51-7979373361D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {DB66E819-2100-4BC6-9E38-E1822E69A06A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {DB7042F8-42EC-46C5-A037-877AFDDF650A} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-846297262-2386938783-804682285-1005 -> {E51B3B37-DCA4-4329-9A13-A3AD5FDC0546} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-12-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-24] (Oracle Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-05-22]

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2017-07-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2017-07-18] ()
FF Plugin-x32: @haitao.com/npHaitaoPlugin -> C:\Users\DomaBen\AppData\Local\htyh\application\htwebHelper.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-12-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://safesearch.trustnav.com/?src=ext&action=search&q={searchTerms}
CHR DefaultSearchKeyword: Default -> trustnav
CHR Profile: C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default [2018-01-16]
CHR Extension: (Prezentace) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-17]
CHR Extension: (Dokumenty) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-17]
CHR Extension: (Disk Google) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-17]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-01-11]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-01-11]
CHR Extension: (YouTube) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-17]
CHR Extension: (Trustnav adblocker) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgbldpiollgaehnlegmfhioconikkjjh [2017-12-18]
CHR Extension: (Tabulky) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-18]
CHR Extension: (Trustnav safe search) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig [2017-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-17]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-01-11]
CHR Extension: (Gmail) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-17]
CHR Extension: (Chrome Media Router) - C:\Users\DomaBen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-18]
CHR HKU\S-1-5-21-846297262-2386938783-804682285-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-846297262-2386938783-804682285-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-846297262-2386938783-804682285-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6998536 2017-12-08] ()
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [595560 2015-10-06] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-03] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-20] (Hi-Rez Studios) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (Micro-Star INT'L CO., LTD.)
R2 MSISleep; C:\Program Files (x86)\MSI\ControlCenter\Sleep\MSISleepService.exe [282624 2013-04-29] () [File not signed]
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2304696 2017-11-01] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163792 2016-11-21] (MSI)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-11-12] (Overwolf LTD)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-08] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-08] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\WINDOWS\System32\drivers\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
S3 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. )
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-16] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-16] (Disc Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R1 MpKsl21c3eebd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9E029E1C-F411-4C71-BB03-B9D3EA4B956E}\MpKsl21c3eebd.sys [58120 2018-01-16] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-08] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-08] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-07-13] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-16 18:09 - 2018-01-16 18:09 - 000017418 _____ C:\Users\DomaBen\Desktop\FRST.txt
2018-01-16 18:07 - 2018-01-16 18:07 - 000112640 _____ (forum.viry.cz) C:\Users\DomaBen\Desktop\FRSTLauncher.exe
2018-01-16 17:59 - 2018-01-16 18:09 - 000000000 ____D C:\FRST
2018-01-16 17:53 - 2018-01-16 17:53 - 002393088 _____ (Farbar) C:\Users\DomaBen\Desktop\FRST64.exe
2018-01-16 14:09 - 2018-01-16 14:09 - 000000000 ____D C:\Users\DomaBen\AppData\Local\PlaceholderTileLogoFolder
2018-01-16 14:03 - 2018-01-16 14:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-16 13:58 - 2018-01-16 14:00 - 000000000 ____D C:\AdwCleaner
2018-01-04 22:29 - 2018-01-01 13:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-04 22:29 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-04 22:29 - 2018-01-01 13:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-04 22:29 - 2018-01-01 13:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-04 22:29 - 2018-01-01 13:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-04 22:29 - 2018-01-01 13:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-04 22:29 - 2018-01-01 13:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-04 22:29 - 2018-01-01 13:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-04 22:29 - 2018-01-01 13:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-04 22:29 - 2018-01-01 13:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-04 22:29 - 2018-01-01 12:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-04 22:29 - 2018-01-01 12:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-04 22:29 - 2018-01-01 12:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-04 22:29 - 2018-01-01 12:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-04 22:29 - 2018-01-01 12:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-04 22:29 - 2018-01-01 12:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-04 22:29 - 2018-01-01 12:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-04 22:29 - 2018-01-01 12:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-04 22:29 - 2018-01-01 12:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-04 22:29 - 2018-01-01 12:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-04 22:29 - 2018-01-01 12:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-04 22:29 - 2018-01-01 12:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-04 22:29 - 2018-01-01 12:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-04 22:29 - 2018-01-01 12:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-04 22:29 - 2018-01-01 12:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-04 22:29 - 2018-01-01 12:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-04 22:29 - 2018-01-01 12:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-04 22:29 - 2018-01-01 12:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-04 22:29 - 2018-01-01 12:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-04 22:29 - 2018-01-01 12:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-04 22:29 - 2018-01-01 12:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-04 22:29 - 2018-01-01 12:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-04 22:29 - 2018-01-01 12:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-04 22:29 - 2018-01-01 12:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-04 22:29 - 2018-01-01 12:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-04 22:29 - 2018-01-01 12:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-04 22:28 - 2018-01-01 18:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-04 22:28 - 2018-01-01 13:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-04 22:28 - 2018-01-01 13:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-04 22:28 - 2018-01-01 13:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-04 22:28 - 2018-01-01 13:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-04 22:28 - 2018-01-01 13:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-04 22:28 - 2018-01-01 13:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-04 22:28 - 2018-01-01 13:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-04 22:28 - 2018-01-01 13:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-04 22:28 - 2018-01-01 13:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-04 22:28 - 2018-01-01 13:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-04 22:28 - 2018-01-01 13:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-04 22:28 - 2018-01-01 13:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-04 22:28 - 2018-01-01 13:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-04 22:28 - 2018-01-01 13:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-04 22:28 - 2018-01-01 13:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-04 22:28 - 2018-01-01 13:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-04 22:28 - 2018-01-01 13:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-04 22:28 - 2018-01-01 13:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-04 22:28 - 2018-01-01 13:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-04 22:28 - 2018-01-01 13:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-04 22:28 - 2018-01-01 13:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-04 22:28 - 2018-01-01 13:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-04 22:28 - 2018-01-01 13:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-04 22:28 - 2018-01-01 13:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-04 22:28 - 2018-01-01 13:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-04 22:28 - 2018-01-01 13:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-04 22:28 - 2018-01-01 13:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-04 22:28 - 2018-01-01 13:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-04 22:28 - 2018-01-01 13:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-04 22:28 - 2018-01-01 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-04 22:28 - 2018-01-01 13:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-04 22:28 - 2018-01-01 13:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-04 22:28 - 2018-01-01 13:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-04 22:28 - 2018-01-01 13:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-04 22:28 - 2018-01-01 13:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-04 22:28 - 2018-01-01 13:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-04 22:28 - 2018-01-01 13:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-04 22:28 - 2018-01-01 13:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-04 22:28 - 2018-01-01 13:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-04 22:28 - 2018-01-01 13:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-04 22:28 - 2018-01-01 13:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-04 22:28 - 2018-01-01 13:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-04 22:28 - 2018-01-01 13:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-04 22:28 - 2018-01-01 13:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-04 22:28 - 2018-01-01 13:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-04 22:28 - 2018-01-01 13:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-04 22:28 - 2018-01-01 13:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-04 22:28 - 2018-01-01 13:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-04 22:28 - 2018-01-01 13:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-04 22:28 - 2018-01-01 13:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-04 22:28 - 2018-01-01 13:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-04 22:28 - 2018-01-01 13:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-04 22:28 - 2018-01-01 13:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-04 22:28 - 2018-01-01 13:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-04 22:28 - 2018-01-01 13:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-04 22:28 - 2018-01-01 13:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-04 22:28 - 2018-01-01 13:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-04 22:28 - 2018-01-01 13:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-04 22:28 - 2018-01-01 13:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-04 22:28 - 2018-01-01 13:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-04 22:28 - 2018-01-01 13:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-04 22:28 - 2018-01-01 13:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-04 22:28 - 2018-01-01 13:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-04 22:28 - 2018-01-01 13:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-04 22:28 - 2018-01-01 13:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-04 22:28 - 2018-01-01 13:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-04 22:28 - 2018-01-01 13:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-04 22:28 - 2018-01-01 13:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-04 22:28 - 2018-01-01 13:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-04 22:28 - 2018-01-01 13:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-04 22:28 - 2018-01-01 13:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-04 22:28 - 2018-01-01 12:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-04 22:28 - 2018-01-01 12:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-04 22:28 - 2018-01-01 12:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-04 22:28 - 2018-01-01 12:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-04 22:28 - 2018-01-01 12:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-04 22:28 - 2018-01-01 12:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-04 22:28 - 2018-01-01 12:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-04 22:28 - 2018-01-01 12:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-04 22:28 - 2018-01-01 12:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-04 22:28 - 2018-01-01 12:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-04 22:28 - 2018-01-01 12:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-04 22:28 - 2018-01-01 12:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-04 22:28 - 2018-01-01 12:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-04 22:28 - 2018-01-01 12:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-04 22:28 - 2018-01-01 12:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-04 22:28 - 2018-01-01 12:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-04 22:28 - 2018-01-01 12:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-04 22:28 - 2018-01-01 12:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-04 22:28 - 2018-01-01 12:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-04 22:28 - 2018-01-01 12:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-04 22:28 - 2018-01-01 12:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-04 22:28 - 2018-01-01 12:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-04 22:28 - 2018-01-01 12:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-04 22:28 - 2018-01-01 12:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-04 22:28 - 2018-01-01 12:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-04 22:28 - 2018-01-01 12:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-04 22:28 - 2018-01-01 12:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-04 22:28 - 2018-01-01 12:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-04 22:28 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-04 22:28 - 2018-01-01 12:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-04 22:28 - 2018-01-01 12:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-04 22:28 - 2018-01-01 12:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-04 22:28 - 2018-01-01 12:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-04 22:28 - 2018-01-01 12:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-04 22:28 - 2018-01-01 12:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-04 22:28 - 2018-01-01 12:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-04 22:28 - 2018-01-01 12:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-04 22:28 - 2018-01-01 12:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-04 22:28 - 2018-01-01 12:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-04 22:28 - 2018-01-01 12:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-04 22:28 - 2018-01-01 12:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-04 22:28 - 2018-01-01 12:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-04 22:28 - 2018-01-01 12:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-04 22:28 - 2018-01-01 12:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-04 22:28 - 2018-01-01 12:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-04 22:28 - 2018-01-01 12:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-04 22:28 - 2018-01-01 12:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-04 22:28 - 2018-01-01 12:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-04 22:28 - 2018-01-01 12:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-04 22:28 - 2018-01-01 12:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-04 22:28 - 2018-01-01 12:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-04 22:28 - 2018-01-01 12:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-04 22:28 - 2018-01-01 12:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-04 22:28 - 2018-01-01 12:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-04 22:28 - 2018-01-01 12:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-04 22:28 - 2018-01-01 12:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-04 22:28 - 2018-01-01 12:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-04 22:28 - 2018-01-01 12:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-04 22:28 - 2018-01-01 12:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-04 22:28 - 2018-01-01 12:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-04 22:28 - 2018-01-01 12:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-04 22:28 - 2018-01-01 12:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-04 22:28 - 2018-01-01 12:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-04 22:28 - 2018-01-01 12:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-04 22:28 - 2018-01-01 12:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-04 22:28 - 2018-01-01 12:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-04 22:28 - 2018-01-01 12:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2017-12-29 13:08 - 2017-12-29 13:08 - 000000222 _____ C:\Users\DomaBen\Desktop\Paladins.url
2017-12-27 20:35 - 2017-12-27 20:35 - 000000219 _____ C:\Users\DomaBen\Desktop\Left 4 Dead 2.url
2017-12-22 12:41 - 2017-12-22 12:41 - 000000000 ____D C:\Users\DomaBen\AppData\Local\Skyrim

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-16 18:09 - 2017-07-13 19:20 - 000086076 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-01-16 18:09 - 2017-01-11 13:31 - 000000000 ____D C:\Users\DomaBen\AppData\Local\Battle.net
2018-01-16 14:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-16 14:11 - 2017-01-11 16:59 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2018-01-16 14:10 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-16 14:10 - 2017-01-11 13:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-16 14:09 - 2017-12-01 10:55 - 000000000 ____D C:\Users\DomaBen\AppData\Local\Packages
2018-01-16 14:09 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-16 14:08 - 2017-12-01 11:09 - 002767432 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-16 14:08 - 2017-09-30 15:31 - 001254728 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-16 14:08 - 2017-09-30 15:31 - 000305610 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-16 14:04 - 2015-08-18 12:04 - 015501440 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2018-01-16 14:03 - 2017-12-01 11:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-16 14:03 - 2017-08-03 20:56 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-01-16 14:02 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-16 14:02 - 2017-05-20 15:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-01-16 14:01 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-16 13:59 - 2017-12-01 11:10 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B834254-3329-4E1F-8051-0910916CA91F}
2018-01-15 19:11 - 2017-11-15 17:44 - 000001277 _____ C:\Users\DomaBen\Desktop\nativelog.txt
2018-01-15 19:11 - 2017-07-28 23:54 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-15 18:51 - 2017-01-11 14:10 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\.minecraft
2018-01-15 16:50 - 2017-12-01 10:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-15 16:00 - 2017-05-10 10:32 - 000000000 ____D C:\Program Files\trend micro
2018-01-14 20:18 - 2017-02-14 09:24 - 000000000 ____D C:\Program Files (x86)\Heroes of the Storm
2018-01-14 19:23 - 2017-03-16 21:04 - 000000000 ____D C:\Games
2018-01-14 13:57 - 2017-08-03 21:06 - 000788008 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2018-01-13 22:58 - 2017-03-16 00:25 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\uTorrent
2018-01-12 22:33 - 2017-01-11 13:22 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\Skype
2018-01-12 19:54 - 2017-12-06 13:18 - 000000000 ____D C:\WINDOWS\Minidump
2018-01-12 19:35 - 2017-01-17 17:29 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-01-11 20:21 - 2017-06-26 14:03 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\TS3Client
2018-01-11 20:11 - 2017-09-03 22:15 - 000000000 ____D C:\Users\DomaBen\AppData\Local\ElevatedDiagnostics
2018-01-11 18:18 - 2017-12-01 10:54 - 000000000 ____D C:\Users\DomaBen
2018-01-10 12:18 - 2017-12-01 11:10 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-846297262-2386938783-804682285-1005
2018-01-10 12:18 - 2017-01-31 10:57 - 000002393 _____ C:\Users\DomaBen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-10 12:18 - 2017-01-11 12:59 - 000000000 ___RD C:\Users\DomaBen\OneDrive
2018-01-09 19:59 - 2017-01-12 17:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-09 19:57 - 2017-10-10 19:45 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-09 19:57 - 2017-01-12 17:37 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 15:19 - 2017-11-17 21:39 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 15:19 - 2017-11-17 21:39 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-09 15:17 - 2017-11-04 22:48 - 000000000 ____D C:\Users\DomaBen\AppData\Local\Discord
2018-01-09 15:17 - 2017-07-30 19:37 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\discord
2018-01-09 15:16 - 2017-11-04 22:49 - 000002243 _____ C:\Users\DomaBen\Desktop\Discord.lnk
2018-01-09 15:16 - 2017-11-04 22:49 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2018-01-08 13:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-05 17:04 - 2017-07-07 11:58 - 000000000 ____D C:\Program Files (x86)\Overwatch Test
2018-01-05 15:31 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-04 22:45 - 2017-12-01 11:14 - 000000000 ___RD C:\Users\DomaBen\3D Objects
2018-01-04 22:45 - 2015-08-18 12:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-04 22:44 - 2017-12-01 10:49 - 000234944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-04 22:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-04 22:42 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-04 22:30 - 2017-09-29 14:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-04 22:30 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-04 22:30 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-30 21:15 - 2017-09-24 20:07 - 000000000 ____D C:\Program Files (x86)\Mr DJ
2017-12-28 12:03 - 2017-08-03 21:06 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\EasyAntiCheat
2017-12-27 20:35 - 2017-01-12 14:49 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-24 22:54 - 2017-06-18 21:19 - 000000000 ____D C:\ProgramData\Oracle
2017-12-24 22:54 - 2017-06-18 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-24 22:54 - 2017-06-18 21:19 - 000000000 ____D C:\Program Files (x86)\Java
2017-12-24 22:54 - 2017-03-16 00:27 - 000000000 ____D C:\Users\DomaBen\Downloads\TORRENTY
2017-12-24 22:53 - 2017-06-18 21:19 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-12-24 11:54 - 2017-03-16 21:30 - 000000000 ____D C:\Users\DomaBen\Documents\Telltale Games
2017-12-22 14:45 - 2017-12-15 18:23 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-22 14:45 - 2017-12-15 18:23 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-20 22:38 - 2017-03-05 11:56 - 000000000 ____D C:\Users\DomaBen\Desktop\Nejvíce Lucky Momenty Ever Ahahahahahahahahahah
2017-12-20 21:15 - 2017-03-18 22:44 - 000000000 ____D C:\Users\DomaBen\Documents\My Games
2017-12-20 20:51 - 2017-12-01 14:29 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-12-20 20:50 - 2017-03-16 21:22 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2017-12-18 20:48 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-18 20:22 - 2017-08-06 13:25 - 000136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-12-18 13:09 - 2017-05-02 12:49 - 000002579 _____ C:\Users\DomaBen\Desktop\Hearthstone Deck Tracker.lnk
2017-12-18 13:09 - 2017-05-02 12:49 - 000000000 ____D C:\Users\DomaBen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-12-18 13:09 - 2017-05-02 12:49 - 000000000 ____D C:\Users\DomaBen\AppData\Local\SquirrelTemp
2017-12-18 13:09 - 2017-05-02 12:49 - 000000000 ____D C:\Users\DomaBen\AppData\Local\HearthstoneDeckTracker

==================== Files in the root of some directories =======

2017-10-19 21:18 - 2017-10-19 21:18 - 000000000 _____ () C:\Users\DomaBen\AppData\Local\{D04164AF-D4D0-49A9-A18D-508BB022F749}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\DomaBen\Desktop" je 1260 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================
Přílohy
Addition.rar
(13.71 KiB) Staženo 61 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Počítač se sám restartuje

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
ContextMenuHandlers1: [PC Protector Plus] -> {63F58340-0CD0-403B-B6E8-4E1449F01C6F} => -> No File
ContextMenuHandlers6: [PC Protector Plus] -> {63F58340-0CD0-403B-B6E8-4E1449F01C6F} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5C82467C-F677-4C8B-B205-001BF7506FB9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E3990984-E5C9-400C-9186-C3D0EEEEA667} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-11] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Shaft
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 10 kvě 2017 10:31

Re: Počítač se sám restartuje

#7 Příspěvek od Shaft »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
Ran by DomaBen (16-01-2018 20:33:38) Run:1
Running from C:\Users\DomaBen\Desktop
Loaded Profiles: DomaBen (Available Profiles: DomaBen)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
ContextMenuHandlers1: [PC Protector Plus] -> {63F58340-0CD0-403B-B6E8-4E1449F01C6F} => -> No File
ContextMenuHandlers6: [PC Protector Plus] -> {63F58340-0CD0-403B-B6E8-4E1449F01C6F} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5C82467C-F677-4C8B-B205-001BF7506FB9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E3990984-E5C9-400C-9186-C3D0EEEEA667} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-11] (Google Inc.)

EmptyTemp:
End
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PC Protector Plus" => removed successfully
HKLM\Software\Classes\CLSID\{63F58340-0CD0-403B-B6E8-4E1449F01C6F} => key not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PC Protector Plus" => removed successfully
HKLM\Software\Classes\CLSID\{63F58340-0CD0-403B-B6E8-4E1449F01C6F} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C82467C-F677-4C8B-B205-001BF7506FB9} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C82467C-F677-4C8B-B205-001BF7506FB9}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3990984-E5C9-400C-9186-C3D0EEEEA667}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3990984-E5C9-400C-9186-C3D0EEEEA667}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 42012688 B
Java, Flash, Steam htmlcache => 87248719 B
Windows/system/drivers => 531744 B
Edge => 191389648 B
Chrome => 388458439 B
Firefox => 0 B
Opera => 16934704 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 35386 B
LocalService => 0 B
NetworkService => 231080 B
DomaBen => 22867083 B

RecycleBin => 2393192 B
EmptyTemp: => 724.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:35:06 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Počítač se sám restartuje

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Shaft
Návštěvník
Návštěvník
Příspěvky: 10
Registrován: 10 kvě 2017 10:31

Re: Počítač se sám restartuje

#9 Příspěvek od Shaft »

V momentě, kdy jsem psal odpověď se počítač zaseknul a nastal problém jako vždy. Je rychlejší, ale chyba bude asi někde uvnitř a tak poputuje na reklamaci. Každopádně děkuji za pomoc a Váš čas.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118152
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Počítač se sám restartuje

#10 Příspěvek od Rudy »

Tak pokud je možno ho reklamovat, reklamujte. Měl jste jen pár AdWarů, které zase tak zásadní vliv na chod PC nemají. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno