Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

samovolné odesílání mailů

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

samovolné odesílání mailů

#1 Příspěvek od marco_cz »

Dobrý den,
už se mi podruhé stalo že mi známý říkali že jim odesílám maily a já jsem přitom nic neodeslal a ani v Thuderbidu žádná odeslaná pošta není. Poslední zpráva která byla údajně ode mne odeslaná.
Předmět: ✔Re: Jaké překvapení

Hej kamaráde,
Chtěla jsem vyprávět o překvapení moji přátelé se mi včera večer, podívejte se zde více informace
Přeji ti vše nejlepší,

V počítači mám Windows 7 home premium 64bit, antivirový program Eset nod32 antivirus 10.1.235.1.

Prosím o radu co jak zkontroluju jestli v počítači nemám nějaký vir.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#2 Příspěvek od marco_cz »

chtěl jsem udělat log soubor ale uložil jsem na plochu RSIT x64 a při spuštění mi to píše není platná aplikace typu win32. To samé u FRST.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#3 Příspěvek od marco_cz »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
Ran by Marek (16-01-2018 15:29:16)
Running from C:\Users\Marek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-02 16:20:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2253546345-1451501098-3921934081-500 - Administrator - Disabled)
Guest (S-1-5-21-2253546345-1451501098-3921934081-501 - Limited - Enabled)
Marek (S-1-5-21-2253546345-1451501098-3921934081-1000 - Administrator - Enabled) => C:\Users\Marek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Acronis True Image (HKLM-x32\...\{B41CCFCF-D8FB-4FE4-B8C8-CE517519072A}) (Version: 22.3.9207 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVerMedia A828 USB Hybrid DVBT 1.7.64.100 (HKLM-x32\...\AVerMedia A828 USB Hybrid DVBT) (Version: 1.7.64.100 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia Applications (HKLM-x32\...\{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}) (Version: 1.0.4 - AVerMedia Technologies, Inc.) Hidden
AVerMedia Applications (HKLM-x32\...\InstallShield_{92C41B26-EBC5-41C5-8B6F-E3EF7E57FF16}) (Version: 1.0.4 - AVerMedia Technologies, Inc.)
AVerMedia Media Center Plug-ins 2.0.8.0 (HKLM-x32\...\AVerMedia Media Center Plug-ins) (Version: 2.0.8.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
BufferChm (HKLM-x32\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version: - )
Combined Community Codec Pack 2013-11-27 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.11.27.0 - CCCP Project)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1830 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DeviceDiscovery (HKLM-x32\...\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}) (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 41.4.80 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{3E2B7AE3-BA39-4C93-B6F5-BCF242BB9431}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM1312 (HKLM-x32\...\{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}) (Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (HKLM-x32\...\{7985C7FA-B151-4BA7-B19E-1577A7B527F1}) (Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (HKLM-x32\...\{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}) (Version: 005.001.00137 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{995F2783-8311-49BF-833E-DB659774B4F6}) (Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (HKLM-x32\...\{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}) (Version: 005.001.00145 - Název společnosti:) Hidden
hppQFolderCM1312 (HKLM-x32\...\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (HKLM-x32\...\{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}) (Version: 005.001.00140 - Název společnosti:) Hidden
hppSendFaxCM1312 (HKLM-x32\...\{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}) (Version: 005.000.00001 - Název společnosti:) Hidden
hppusgCM1312 (HKLM-x32\...\{325D1D94-4F34-46A7-A489-737C801B931D}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
MarketResearch (HKLM-x32\...\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Mashinky CZ SmartSteamEmu v.15112017 (HKLM-x32\...\Mashinky CZ SmartSteamEmu v.15112017) (Version: SmartSteamEmu v.15112017 - Libbi)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Video Converter 16 (HKLM-x32\...\Movavi Video Converter 16) (Version: 16.0.1 - Movavi)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 57.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.4 (x64 cs)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Mozilla Thunderbird 52.5.2 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.5.2 (x86 cs)) (Version: 52.5.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{6D45EF03-E8EE-4355-81C3-F918CBCF1029}) (Version: 8.3.309 - Nero AG)
nLite 1.4.9.3 (HKLM-x32\...\nLite_is1) (Version: 1.4.9.3 - Dino Nuhagic (nuhi))
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Opera Stable 50.0.2762.58 (HKLM-x32\...\Opera 50.0.2762.58) (Version: 50.0.2762.58 - Opera Software)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0012-0000-1000-0000000FF1CE}_Office14.STANDARD_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
StarCam Clip (HKLM-x32\...\{7AEF344E-DB20-4D76-9077-30BD339DFD99}) (Version: 5.16.0.301 - )
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Standard (HKLM-x32\...\{88A5F645-7A91-433E-998E-1AEAF73AD572}) (Version: 11801.1 - STORMWARE)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TrayApp (HKLM-x32\...\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Van Dyke Technologies IMAP Notify 1.0 (HKLM-x32\...\IMAP Notify) (Version: - )
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{CCB9B81A-167F-4832-B305-D2A0430840B3}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-08-25] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-08-25] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-08-25] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-08-25] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers1-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)
ContextMenuHandlers1-x32: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-11-17] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-01-08] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-10-26] (ESET)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {349A660F-71A8-4502-8D08-5C264515E9A8} - System32\Tasks\Opera scheduled Autoupdate 1492111672 => C:\Program Files (x86)\Opera\launcher.exe [2018-01-10] (Opera Software)
Task: {36E7AF0D-DC55-47ED-BCC5-3D6EEF79EB9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {3EAE2D4A-D41E-408E-94B6-6A705E7AB6AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {404D18C4-1B45-4159-BF21-27009672F313} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04] (Dropbox, Inc.)
Task: {43A7FB22-B682-43CC-890A-DA037C9B279C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-02] (Google Inc.)
Task: {44A5AD0D-9FF1-423C-AB05-638D8D839DA7} - System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A} => C:\Users\Marek\Desktop\RSITx64.exe [2018-01-16] ()
Task: {71A72217-1C0D-45E1-967A-39C876156B6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04] (Dropbox, Inc.)
Task: {AE6B7493-F7F4-4802-9A56-44F5B8C91233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-02] (Google Inc.)
Task: {B98FB4B3-258B-4ECD-B5FC-721221F6591F} - System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D} => C:\Users\Marek\Desktop\RSITx64.exe [2018-01-16] ()
Task: {C64073AB-A6D6-4104-AB56-4A2A7A74B8E1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {CD69B970-5508-49CB-9CC8-6F1B0B5E93FA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2253546345-1451501098-3921934081-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2017-11-28] (Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-14 23:35 - 2017-11-09 18:24 - 000020208 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2017-08-25 06:57 - 2017-08-25 06:57 - 001213576 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-01-06 10:00 - 2018-01-06 10:00 - 006080088 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2017-04-04 18:41 - 2009-12-07 06:13 - 000397312 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2017-06-07 21:09 - 2017-11-17 22:04 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2017-04-04 18:41 - 2010-01-06 02:43 - 000155648 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000008192 ___SH () C:\Windows\SysWOW64\srvany.exe
2017-05-08 13:14 - 2017-05-08 13:14 - 000151552 ___SH () C:\Windows\kmsem\KMService.exe
2017-04-02 20:07 - 2006-05-12 10:27 - 000831488 _____ () C:\Windows\vsnpstd3.exe
2017-08-25 06:17 - 2017-08-25 06:17 - 000575416 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2017-04-02 20:07 - 2006-06-19 10:43 - 000262144 _____ () C:\Windows\tsnpstd3.exe
2017-08-25 08:59 - 2017-08-25 08:59 - 004519856 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2017-08-25 05:51 - 2017-08-25 05:51 - 006981960 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2017-04-04 18:41 - 2010-06-21 22:24 - 000053248 _____ () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2017-08-25 09:00 - 2017-08-25 09:00 - 003485584 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll
2017-08-25 08:54 - 2017-08-25 08:54 - 001317136 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\services_mms_addon.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2017-08-26 00:14 - 2017-08-26 00:14 - 021193392 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2017-08-25 06:32 - 2017-08-25 06:32 - 000405024 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2017-08-25 05:33 - 2017-08-25 05:33 - 000129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 000248240 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sync_agent_api.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 000160168 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\libevent.dll
2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-06-07 21:07 - 2017-11-17 22:04 - 000570368 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2016-10-12 17:14 - 2016-10-12 17:14 - 000277538 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2016-10-11 10:34 - 2016-10-11 10:34 - 002386352 _____ () C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\xerces_c.dll
2016-04-13 09:38 - 2017-11-17 22:04 - 000798208 _____ () C:\ProgramData\MEGAsync\libsodium.dll
2010-06-04 17:40 - 2010-06-04 17:40 - 000012128 _____ () C:\Program Files (x86)\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
2018-01-11 21:46 - 2018-01-08 22:15 - 000732480 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-01-11 21:46 - 2018-01-08 22:15 - 002061632 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-04 10:47 - 2018-01-08 22:15 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-04 10:47 - 2018-01-08 22:15 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000063296 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-04 10:47 - 2018-01-08 22:16 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 18:19 - 2018-01-08 22:15 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-07 18:41 - 2018-01-08 22:17 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-17 18:54 - 2018-01-08 22:16 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000155464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-04 10:47 - 2018-01-08 22:16 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-05-04 10:47 - 2018-01-08 22:15 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-04 10:47 - 2018-01-08 22:17 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-01-11 21:46 - 2018-01-08 22:15 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 21:46 - 2018-01-08 22:16 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-04 10:47 - 2018-01-08 22:16 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-01-11 21:46 - 2018-01-08 22:16 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-04 10:47 - 2018-01-08 22:17 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-01-11 21:46 - 2018-01-08 22:16 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-08-25 06:07 - 2017-08-25 06:07 - 008980000 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 000790952 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_supp.dll
2017-08-25 06:16 - 2017-08-25 06:16 - 000053792 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2017-08-25 05:51 - 2017-08-25 05:51 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-08-29 19:16 - 2016-08-29 19:16 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll
2017-12-15 00:00 - 2017-12-15 00:00 - 000393504 ____R () C:\Program Files (x86)\STORMWARE\POHODA\StwXML.dll
2016-03-22 12:22 - 2016-03-22 12:22 - 000055808 ____R () C:\Program Files (x86)\STORMWARE\POHODA\zlib1.dll
2017-12-15 00:00 - 2017-12-15 00:00 - 000312096 ____R () C:\Program Files (x86)\STORMWARE\POHODA\StwDataBox.dll
2017-08-25 08:55 - 2017-08-25 08:55 - 000706104 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-12-29 21:27 - 2018-01-06 09:59 - 000001146 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 81.200.55.70 - 81.200.55.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2DD60572-3B80-4157-BEE7-DD23BBAD36CB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E45E6FD8-24EF-47A6-A14E-330430A40A81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{20DCB666-88F2-4F87-BC14-7327D5155408}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E3AE89B4-96F7-41D7-99D3-F5EE68454F27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD9.EXE
FirewallRules: [{18291519-A647-4AF9-BBB0-FF7724771235}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{F00D615C-F1FD-4174-8EEA-FE475C805DBC}C:\users\marek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{56BADC70-44E9-473B-BD74-B4AA6CCA9522}C:\users\marek\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marek\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{962F0798-718D-45B5-BF1A-DC1FDCCB0F15}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{275F9E9D-B529-44B9-A66C-4E948754FA90}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [TCP Query User{5A0DD41C-A69D-4C8F-9ABF-9C3A31EDC37A}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [UDP Query User{8A82E154-6EFE-4284-9C47-18F1A2CFF0D3}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [TCP Query User{A23B5E7E-BB43-4F4C-97EF-F8B16AF9838B}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [UDP Query User{511CD02D-CDC1-4328-B3C3-6728F7D087F2}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe
FirewallRules: [{28514787-C5BC-4C69-9E97-A95CE29CA181}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{3F429DAB-486D-4858-A9EF-A922010244AA}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe
FirewallRules: [{2F171E53-8E10-446D-8F26-2D357F900779}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [{C5D2BD36-95F5-4C3D-86F9-37989C0C4562}] => (Allow) C:\Program Files (x86)\SnugTV\SnugTV Station\ConfigWizard.exe
FirewallRules: [TCP Query User{5674E8A2-DDCB-4D0C-8154-D9A06A170070}C:\mashinky cz\mashinky.exe] => (Allow) C:\mashinky cz\mashinky.exe
FirewallRules: [UDP Query User{113DC29A-2561-46A5-8972-543DCF898882}C:\mashinky cz\mashinky.exe] => (Allow) C:\mashinky cz\mashinky.exe
FirewallRules: [TCP Query User{8410F483-E819-4AE1-B182-AE05DC4B67CC}C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe] => (Allow) C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe
FirewallRules: [UDP Query User{F02BD9F6-2933-41EC-959E-DDC0C68FA33B}C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe] => (Allow) C:\users\marek\desktop\dns-323_c1_fw_v1.10_easysearch_v4.9.0.2_01272011.exe
FirewallRules: [{332D3108-E412-4447-AAEC-183DD58C2491}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A49FB4D8-3177-4686-ADEA-05BEB11A3C0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BAD8AF8D-CFE5-4475-9460-D88C25593AB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BA0E3796-353D-4778-AB0F-14435D37A7F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DCFAC6C2-45D2-46F2-ADD4-33FA242354F1}] => (Allow) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
FirewallRules: [{4AFD38FF-73EE-4090-983E-9AF10222BE1C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{307387B1-DABD-4BA7-80E8-545DFED336DD}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{FF865AA2-8CDC-4ECD-B749-344E1188F22E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{CB4C81F5-5E5E-42A1-B28D-4B357EC85F19}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{8FEEF5F2-4946-47DA-847C-5784AAC2B6BF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{DF434B60-3961-4126-8E9F-5A8DFA5941D4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{7CA42022-C44B-4576-9DFC-A1878B8EA0D6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{49A354E8-165E-464F-9802-D0962AF22626}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{64DA2689-44CF-45E0-B974-D6C908A9195B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{FB52FA79-7476-4872-ACC1-1BCB6F4104BF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{68506005-3CC1-4524-8D31-F47692679E32}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{D11FD309-0B12-405E-8723-EBB98B7551EC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{73918B18-EEB9-436C-8780-26CE92729B9F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{FC74A21E-2226-4324-B17D-C3C184741E0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D1DAD523-35E0-4208-A6D6-F3F6B97E0080}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{B6387DE5-8BF4-412B-88B7-73B7C0ACAAD5}] => (Allow) C:\Program Files (x86)\Opera\50.0.2762.58\opera.exe

==================== Restore Points =========================

06-01-2018 10:00:14 Nainstalováno: Acronis True Image
09-01-2018 22:33:50 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/16/2018 03:10:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/16/2018 08:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/16/2018 08:22:35 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error: (01/16/2018 08:22:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9

Error: (01/16/2018 03:23:37 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\mozbackup\dll\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\mozbackup\dll\DelZip179.dll na řádku 8.
Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error: (01/16/2018 03:23:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (01/16/2018 03:23:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (01/16/2018 03:23:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Součást 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (01/15/2018 03:00:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0c1be500-2cdd-4a2c-ad5f-77d2dfc374c0}

Error: (01/15/2018 02:00:03 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0c1be500-2cdd-4a2c-ad5f-77d2dfc374c0}


System errors:
=============
Error: (01/16/2018 08:24:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (01/16/2018 08:24:09 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error: (01/16/2018 08:22:43 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:40 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:39 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:35 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (01/16/2018 08:22:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:20:47, ‎16.‎1.‎2018) bylo neočekávané.

Error: (01/16/2018 06:19:02 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===================================
Date: 2018-01-16 08:22:35.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-16 08:22:30.924
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-16 08:22:30.799
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\snpstd3.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-16 07:14:21.234
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-16 07:05:11.325
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-16 06:50:32.254
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-15 16:44:17.850
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-15 16:36:40.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-15 16:20:10.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-01-15 07:06:52.882
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8137.92 MB
Available physical RAM: 4698.61 MB
Total Virtual: 16274 MB
Available Virtual: 12848.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:146.81 GB) NTFS
Drive d: () (Fixed) (Total:390.62 GB) (Free:52.45 GB) NTFS
Drive e: () (Fixed) (Total:540.88 GB) (Free:355.92 GB) NTFS
Drive j: (Office_2007_cz_E) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 70E036E7)
Partition 1: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EBB39BB7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#4 Příspěvek od marco_cz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2018
Ran by Marek (administrator) on MAREK-PC (16-01-2018 15:28:44)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Windows\vsnpstd3.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Van Dyke Technologies, Inc.) C:\Program Files (x86)\IMAP Notify\IMAPNotify.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Windows\tsnpstd3.exe
(Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(STORMWARE s.r.o.) C:\Program Files (x86)\STORMWARE\POHODA\Pohoda.exe
(STORMWARE s.r.o.) C:\Program Files (x86)\STORMWARE\POHODA\StwPh.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [831488 2006-05-12] ()
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [575416 2017-08-25] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [324216 2017-10-26] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2006-06-19] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2018-01-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cobian Backup 10] => C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [421376 2010-09-23] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-02-14] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4519856 2017-08-25] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\MountPoints2: {95f35f7e-17c0-11e7-87fc-8c89a5c1abb2} - J:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-04-04]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-04-04]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-04-10]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IMAP Notify.lnk [2017-07-19]
ShortcutTarget: IMAP Notify.lnk -> C:\Program Files (x86)\IMAP Notify\IMAPNotify.exe (Van Dyke Technologies, Inc.)
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-10-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 81.200.55.70 81.200.55.34
Tcpip\..\Interfaces\{98E79581-0AD0-4822-853D-739FD971FB7E}: [DhcpNameServer] 81.200.55.70 81.200.55.34

Internet Explorer:
==================
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.atlas.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-07] (Oracle Corporation)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF DefaultProfile: zner6jam.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default [2018-01-16]
FF Homepage: Mozilla\Firefox\Profiles\zner6jam.default -> hxxp://www.centrum.cz/
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default\features\{254d74eb-6211-4c3e-a732-298091311bcc}\disable-js-shared-memory@mozilla.org.xpi [2018-01-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2017-08-08]
CHR Extension: (Prezentace Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Tabulky Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2776608 2017-08-25] (Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1213576 2017-08-25] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6080088 2018-01-06] ()
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-30] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-07] () [File not signed]
R2 cbVSCService; C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2018-01-08] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2648184 2017-10-26] (ESET)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-05-08] () [File not signed]
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-08-25] (Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-08-25] (Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1723808 2017-08-25] ()
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6981960 2017-08-25] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [532864 2010-10-07] (AVerMedia TECHNOLOGIES, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-04-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-04-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-10-26] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2017-10-26] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77736 2017-10-26] (ESET)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [559888 2018-01-06] (Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [378712 2018-01-06] (Acronis International GmbH)
R3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett Packard)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10443008 2006-06-27] (Sonix Co. Ltd.) [File not signed]
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10148480 2006-06-27] (Sonix Co. Ltd.) [File not signed]
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-01-06] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [213336 2018-01-06] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [690520 2018-01-06] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [326416 2018-01-06] (Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2018-01-06] (Acronis International GmbH)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-06-28] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-16 15:28 - 2018-01-16 15:28 - 002393088 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2018-01-16 15:28 - 2018-01-16 15:28 - 000020567 _____ C:\Users\Marek\Desktop\FRST.txt
2018-01-16 15:28 - 2018-01-16 15:28 - 000000000 ____D C:\FRST
2018-01-16 15:24 - 2018-01-16 15:24 - 000002934 _____ C:\Windows\System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A}
2018-01-16 15:23 - 2018-01-16 15:23 - 000002934 _____ C:\Windows\System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D}
2018-01-16 15:22 - 2018-01-16 15:22 - 000000000 _____ C:\Users\Marek\Desktop\FRSTLauncher.exe
2018-01-16 15:20 - 2018-01-16 15:20 - 000000000 _____ C:\Users\Marek\Desktop\RSITx64.exe
2018-01-15 08:30 - 2018-01-15 08:30 - 000126509 _____ C:\Users\Marek\Documents\Faktura_(2)_18010010.pdf
2018-01-12 16:00 - 2018-01-12 16:00 - 000128661 _____ C:\Users\Marek\Documents\Faktura_(2)_18010003.pdf
2018-01-11 21:46 - 2018-01-11 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-01-09 14:18 - 2018-01-09 14:18 - 000124362 _____ C:\Users\Marek\Desktop\Priloha.pdf
2018-01-08 22:15 - 2018-01-08 22:15 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-01-08 22:15 - 2018-01-08 22:15 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-01-07 16:40 - 2018-01-07 16:40 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-01-07 16:40 - 2018-01-07 16:40 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-07 16:40 - 2017-10-20 06:34 - 000110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2018-01-07 09:47 - 2018-01-07 09:47 - 000000000 ____D C:\Users\Marek\Desktop\avi
2018-01-06 21:47 - 2018-01-06 21:47 - 000000000 ____D C:\Users\Marek\AppData\Local\Apps\2.0
2018-01-06 15:09 - 2018-01-06 15:09 - 000116170 _____ C:\Users\Marek\Desktop\wspdf6457428998167222999hlasenka.pdf
2018-01-06 10:01 - 2018-01-06 10:01 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Acronis
2018-01-06 10:00 - 2018-01-06 10:00 - 001310552 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000690520 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tnd.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000559888 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_protector.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000378712 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\file_tracker.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000371472 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\snapman.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000326416 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\virtual_file.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000243472 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\volume_tracker.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000213336 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\tib_mounter.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000182032 _____ (Acronis International GmbH) C:\Windows\system32\Drivers\fltsrv.sys
2018-01-06 10:00 - 2018-01-06 10:00 - 000001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2018-01-06 10:00 - 2018-01-06 10:00 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2018-01-06 09:59 - 2018-01-06 09:59 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2018-01-05 08:58 - 2018-01-05 08:58 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-01-05 08:58 - 2018-01-05 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-05 00:32 - 2017-12-29 19:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-05 00:32 - 2017-12-29 18:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-05 00:32 - 2017-12-29 10:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-05 00:32 - 2017-12-29 09:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-05 00:31 - 2018-01-01 03:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-05 00:31 - 2018-01-01 03:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-05 00:31 - 2018-01-01 03:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-05 00:31 - 2018-01-01 03:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-05 00:31 - 2018-01-01 03:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-05 00:31 - 2018-01-01 03:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-01-05 00:31 - 2018-01-01 03:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-01-05 00:31 - 2018-01-01 03:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-05 00:31 - 2018-01-01 03:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-05 00:31 - 2018-01-01 03:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-05 00:31 - 2018-01-01 03:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-01-05 00:31 - 2018-01-01 03:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-01-05 00:31 - 2018-01-01 03:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-01-05 00:31 - 2018-01-01 02:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-05 00:31 - 2018-01-01 02:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-05 00:31 - 2018-01-01 02:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-05 00:31 - 2018-01-01 02:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-05 00:31 - 2018-01-01 02:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-05 00:31 - 2018-01-01 02:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-05 00:31 - 2018-01-01 02:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-05 00:31 - 2018-01-01 02:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-01-05 00:31 - 2018-01-01 02:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-01-05 00:31 - 2018-01-01 02:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-05 00:31 - 2018-01-01 02:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-05 00:31 - 2018-01-01 02:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-01-05 00:31 - 2018-01-01 02:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-05 00:31 - 2018-01-01 02:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-05 00:31 - 2018-01-01 02:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-05 00:31 - 2017-12-30 08:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-05 00:31 - 2017-12-30 07:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-05 00:31 - 2017-12-29 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-01-05 00:31 - 2017-12-29 19:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-05 00:31 - 2017-12-29 19:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-05 00:31 - 2017-12-29 19:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-05 00:31 - 2017-12-29 19:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-01-05 00:31 - 2017-12-29 19:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-05 00:31 - 2017-12-29 19:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-05 00:31 - 2017-12-29 19:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-05 00:31 - 2017-12-29 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-05 00:31 - 2017-12-29 19:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-05 00:31 - 2017-12-29 18:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-05 00:31 - 2017-12-29 18:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-05 00:31 - 2017-12-29 18:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-05 00:31 - 2017-12-29 18:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-05 00:31 - 2017-12-29 18:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-05 00:31 - 2017-12-29 18:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-05 00:31 - 2017-12-29 18:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-05 00:31 - 2017-12-29 18:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-05 00:31 - 2017-12-29 18:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-05 00:31 - 2017-12-29 18:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-05 00:31 - 2017-12-29 18:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-05 00:31 - 2017-12-29 18:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-05 00:31 - 2017-12-29 18:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-01-05 00:31 - 2017-12-29 18:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-05 00:31 - 2017-12-29 18:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-05 00:31 - 2017-12-29 18:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-05 00:31 - 2017-12-29 10:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-05 00:31 - 2017-12-29 10:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-05 00:31 - 2017-12-29 09:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-05 00:31 - 2017-12-29 09:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-05 00:31 - 2017-12-29 09:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-05 00:31 - 2017-12-29 09:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-05 00:31 - 2017-12-29 09:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-05 00:31 - 2017-12-29 09:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-05 00:31 - 2017-12-29 09:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-05 00:31 - 2017-12-29 09:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-05 00:31 - 2017-12-29 09:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-05 00:31 - 2017-12-29 09:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-05 00:31 - 2017-12-29 09:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-05 00:31 - 2017-12-29 09:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-05 00:31 - 2017-12-29 09:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-05 00:31 - 2017-12-29 09:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-05 00:31 - 2017-12-29 09:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-05 00:31 - 2017-12-29 09:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-05 00:31 - 2017-12-29 09:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-05 00:31 - 2017-12-29 09:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-05 00:31 - 2017-12-29 09:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-05 00:31 - 2017-12-29 09:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-05 00:31 - 2017-12-29 09:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-05 00:31 - 2017-12-29 09:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-05 00:31 - 2017-12-29 08:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-05 00:31 - 2017-12-29 08:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-05 00:31 - 2017-12-29 08:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-05 00:31 - 2017-12-21 07:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-05 00:31 - 2017-12-13 17:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-05 00:31 - 2017-12-13 17:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-01-05 00:31 - 2017-12-13 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-05 00:31 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-05 00:31 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-05 00:31 - 2017-12-05 16:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-05 00:31 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2017-12-29 21:37 - 2017-12-29 21:37 - 000002048 _____ C:\Windows\SysWOW64\winver.exe
2017-12-29 21:37 - 2017-12-29 21:37 - 000001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2017-12-27 19:57 - 2017-12-27 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2017-12-21 21:01 - 2017-12-21 21:01 - 000057330 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0033.pdf
2017-12-21 21:00 - 2017-12-21 21:00 - 000101177 _____ C:\Users\Marek\Documents\Faktura_17010123.pdf
2017-12-21 21:00 - 2017-12-21 21:00 - 000072757 _____ C:\Users\Marek\Documents\Daňový_doklad_17HP0033.pdf
2017-12-20 19:25 - 2017-12-20 19:25 - 000057377 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0032.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000106724 _____ C:\Users\Marek\Documents\Faktura_17010117.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000057095 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0031.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000057092 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0030.pdf
2017-12-20 19:23 - 2017-12-20 19:23 - 000111128 _____ C:\Users\Marek\Documents\Faktura_17010119.pdf
2017-12-20 19:23 - 2017-12-20 19:23 - 000102984 _____ C:\Users\Marek\Documents\Faktura_17010121.pdf
2017-12-18 23:02 - 2017-12-18 23:02 - 000100507 _____ C:\Users\Marek\Documents\Faktura_17010118.pdf
2017-12-18 23:02 - 2017-12-18 23:02 - 000057706 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0029.pdf
2017-12-18 23:00 - 2017-12-18 23:00 - 000057486 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0028.pdf
2017-12-18 22:59 - 2017-12-18 22:59 - 000107335 _____ C:\Users\Marek\Documents\Faktura_17010113.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-16 15:28 - 2017-04-02 17:57 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Skype
2018-01-16 15:12 - 2017-04-02 17:35 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2018-01-16 14:52 - 2017-05-04 10:47 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-01-16 14:26 - 2009-07-14 05:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-16 14:26 - 2009-07-14 05:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-16 13:40 - 2017-04-13 20:27 - 000003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1492111672
2018-01-16 13:40 - 2017-04-13 20:27 - 000000000 ____D C:\Program Files (x86)\Opera
2018-01-16 11:52 - 2017-05-04 10:47 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-01-16 08:28 - 2011-04-12 09:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-01-16 08:28 - 2011-04-12 09:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-01-16 08:28 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-16 08:28 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-16 08:22 - 2017-11-20 18:38 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-16 08:22 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-16 08:13 - 2017-04-02 19:56 - 000000000 ____D C:\Users\Marek\AppData\Roaming\uTorrent
2018-01-16 00:05 - 2017-04-04 18:43 - 000000000 ____D C:\Users\Marek\Documents\AVerTV
2018-01-15 11:29 - 2017-04-02 18:59 - 000000000 ____D C:\Users\Marek\Desktop\ČSOB
2018-01-12 21:50 - 2017-04-02 18:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-11 21:46 - 2017-05-04 10:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-01-09 22:43 - 2017-04-02 18:39 - 000000000 ____D C:\Windows\system32\MRT
2018-01-09 22:41 - 2017-10-10 19:28 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-09 22:41 - 2017-04-02 18:39 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-09 22:35 - 2017-04-02 18:07 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-01-09 20:57 - 2017-11-09 19:37 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-09 20:57 - 2017-04-02 17:35 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-01-09 20:57 - 2017-04-02 17:35 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-09 20:57 - 2017-04-02 17:35 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 20:57 - 2017-04-02 17:35 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-01-09 20:57 - 2017-04-02 17:35 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-09 02:04 - 2017-04-02 17:33 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-07 16:40 - 2017-04-02 17:35 - 000000000 ____D C:\ProgramData\Oracle
2018-01-07 16:40 - 2017-04-02 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-07 16:32 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-01-06 22:03 - 2017-12-16 21:00 - 000000000 ____D C:\Program Files (x86)\Movavi Video Converter 16
2018-01-06 22:03 - 2017-11-20 20:50 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Mediatronic
2018-01-06 14:43 - 2017-04-10 20:39 - 000000000 ____D C:\ProgramData\Acronis
2018-01-06 12:16 - 2017-07-19 09:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-01-06 12:16 - 2017-06-30 08:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-06 12:16 - 2017-04-02 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-06 10:00 - 2017-04-10 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2018-01-06 10:00 - 2017-04-10 20:39 - 000000000 ____D C:\Program Files (x86)\Acronis
2018-01-05 08:58 - 2017-04-02 17:57 - 000000000 ____D C:\ProgramData\Skype
2018-01-05 03:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-01-05 03:19 - 2009-07-14 05:45 - 000496960 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-01 10:58 - 2017-05-01 09:26 - 000000000 ____D C:\Users\Marek\Desktop\obrazky Terezka
2017-12-27 19:57 - 2017-10-05 15:15 - 000001981 _____ C:\Users\Public\Desktop\POHODA.lnk
2017-12-27 19:57 - 2017-04-02 19:56 - 000000000 ____D C:\Program Files (x86)\STORMWARE
2017-12-21 05:05 - 2017-11-30 20:59 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk

Some files in TEMP:
====================
2018-01-05 08:51 - 2018-01-05 08:52 - 059165632 _____ (Skype Technologies S.A.) C:\Users\Marek\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2017-04-02 19:52] - [2016-11-10 17:32] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2017-12-29 21:37] - [2017-12-29 21:37] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-08 00:12

==================== End of FRST.txt ============================

altrok
Moderátor
Moderátor
Příspěvky: 7256
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: samovolné odesílání mailů

#5 Příspěvek od altrok »

Krasny den Vam preju :bye:


:arrow: Pokud je Vas log dlouhy a nevejde se do jednoho prispevku (je delsi nez 100.000 znaku), pridejte do nazvu tematu informaci o tom, ze je log dlouhy a je rozdelen do vice casti (napr. "virus, 3 posty"). Primarne resime temata bez odpovedi, takze ve Vasem pripade to vypada, ze se Vam jiz nektery z kolegu venuje a tema snadno zapadne.


:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).


:arrow: Do jake miry mate legalni MS Windows, MS Office, Acronis, ...?


:arrow: Ulozte na plochu ComboFix.exe - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete antiviry a vsechny real-time ochrany
  • spustte ComboFix jako spravce (lepe pod uctem s administratorskym opravnenim)
  • s licencnimi podminkami souhlaste - Ano
  • pokud je nabidnuta instalace konzoly pro zotaveni, souhlaste
  • v prubehu skenovani nechte PC v klidu - nic nespoustejte a do okna ComboFixu neklikejte
  • vysledek skenu naleznete v C:\ComboFix.txt, jehoz obsah mi zkopirujte do pristi odpovedi.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#6 Příspěvek od marco_cz »

ComboFix 18-01-10.01 - Marek 16.01.2018 20:05:48.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8138.5770 [GMT 1:00]
Spuštěný z: c:\users\Marek\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus *Disabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET NOD32 Antivirus *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
c:\windows\SysWow64\pthreadVC.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-12-16 do 2018-01-16 )))))))))))))))))))))))))))))))
.
.
2018-01-16 19:09 . 2018-01-16 19:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-01-16 14:28 . 2018-01-16 14:29 -------- d-----w- C:\FRST
2018-01-16 14:24 . 2018-01-16 14:24 -------- d-----w- c:\users\Marek\AppData\Local\Diagnostics
2018-01-13 03:21 . 2018-01-13 03:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\offreg.2884.dll
2018-01-08 21:15 . 2018-01-08 21:15 51016 ----a-w- c:\windows\system32\DbxSvc.exe
2018-01-08 21:15 . 2018-01-08 21:15 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2018-01-08 21:15 . 2018-01-08 21:15 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2018-01-08 21:15 . 2018-01-08 21:15 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2018-01-07 15:40 . 2018-01-07 15:40 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2018-01-07 15:40 . 2017-10-20 05:34 110144 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2018-01-07 15:40 . 2018-01-07 15:40 -------- d-----w- c:\program files (x86)\Java
2018-01-06 20:47 . 2018-01-06 20:47 -------- d-----w- c:\users\Marek\AppData\Local\Apps
2018-01-06 09:00 . 2018-01-06 09:00 559888 ----a-w- c:\windows\system32\drivers\file_protector.sys
2018-01-06 09:00 . 2018-01-06 09:00 690520 ----a-w- c:\windows\system32\drivers\tnd.sys
2018-01-06 09:00 . 2018-01-06 09:00 326416 ----a-w- c:\windows\system32\drivers\virtual_file.sys
2018-01-06 09:00 . 2018-01-06 09:00 243472 ----a-w- c:\windows\system32\drivers\volume_tracker.sys
2018-01-06 09:00 . 2018-01-06 09:00 213336 ----a-w- c:\windows\system32\drivers\tib_mounter.sys
2018-01-06 09:00 . 2018-01-06 09:00 1310552 ----a-w- c:\windows\system32\drivers\tib.sys
2018-01-06 09:00 . 2018-01-06 09:00 371472 ----a-w- c:\windows\system32\drivers\snapman.sys
2018-01-06 09:00 . 2018-01-06 09:00 182032 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2018-01-06 08:59 . 2018-01-06 08:59 -------- d-----w- c:\windows\system32\drivers\etc\BACKUP
2018-01-06 02:58 . 2018-01-06 02:58 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\offreg.3176.dll
2018-01-06 02:57 . 2017-11-18 00:30 13899592 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\mpengine.dll
2018-01-05 07:58 . 2018-01-05 07:58 -------- d-----r- c:\program files (x86)\Skype
2018-01-05 07:58 . 2018-01-05 07:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2018-01-04 23:32 . 2017-12-29 09:15 25737728 ----a-w- c:\windows\system32\mshtml.dll
2018-01-04 23:32 . 2017-12-29 08:04 15284224 ----a-w- c:\windows\system32\ieframe.dll
2017-12-29 20:37 . 2017-12-29 20:37 2048 ----a-w- c:\windows\SysWow64\winver.exe
2017-12-29 20:37 . 2017-12-29 20:37 833024 ----a-w- c:\windows\SysWow64\user32.dll
2017-12-29 20:37 . 2017-12-29 20:37 410624 ----a-w- c:\windows\SysWow64\systemcpl.dll
2017-12-29 20:37 . 2017-12-29 20:37 1536 ----a-w- c:\windows\SysWow64\sppcomapi.dll
2017-12-29 20:37 . 2017-12-29 20:37 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2017-12-27 18:57 . 2017-12-27 18:57 -------- d-----w- c:\program files (x86)\Common Files\STORMWARE Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-09 21:41 . 2017-10-10 18:28 129365736 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-01-09 21:41 . 2017-04-02 17:39 129365736 -c--a-w- c:\windows\system32\MRT.exe
2018-01-09 19:57 . 2017-04-02 16:35 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-01-09 19:57 . 2017-04-02 16:35 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-01-01 16:12 . 2018-01-04 23:31 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2018-01-01 02:18 . 2018-01-04 23:31 1110528 ----a-w- c:\windows\system32\schedsvc.dll
2018-01-01 02:18 . 2018-01-04 23:31 345600 ----a-w- c:\windows\system32\schannel.dll
2018-01-01 02:18 . 2018-01-04 23:31 190464 ----a-w- c:\windows\system32\rpchttp.dll
2018-01-01 02:00 . 2018-01-04 23:31 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2018-01-01 02:00 . 2018-01-04 23:31 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2018-01-01 01:59 . 2018-01-04 23:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-12-07 22:32 . 2017-12-07 22:32 59162608 ----a-w- c:\users\Marek\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2017-11-09 04:03 . 2017-11-09 04:03 36203120 ----a-w- c:\windows\system32\nvoglv64.dll
2017-11-09 04:03 . 2017-11-09 04:03 29245040 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-11-09 04:02 . 2017-11-09 04:02 16771696 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-11-09 04:02 . 2017-11-09 04:02 624056 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 514672 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 989808 ----a-w- c:\windows\system32\NvIFR64.dll
2017-11-09 04:02 . 2017-11-09 04:02 941168 ----a-w- c:\windows\SysWow64\NvIFR.dll
2017-11-09 04:01 . 2017-11-09 04:01 54192 ----a-w- c:\windows\system32\nvhdap64.dll
2017-11-09 04:01 . 2017-11-09 04:01 1624168 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-11-09 04:01 . 2017-11-09 04:01 233904 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-11-09 04:01 . 2017-11-09 04:01 1107896 ----a-w- c:\windows\system32\NvFBC64.dll
2017-11-09 04:00 . 2017-11-09 04:00 1039288 ----a-w- c:\windows\SysWow64\NvFBC.dll
2017-11-09 03:56 . 2017-11-09 03:56 1682536 ----a-w- c:\windows\system32\nvdispgenco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 1997752 ----a-w- c:\windows\system32\nvdispco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 3816376 ----a-w- c:\windows\system32\nvcuvid.dll
2017-11-09 03:56 . 2017-11-09 03:56 3355248 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2017-11-09 03:55 . 2017-11-09 03:55 40246384 ----a-w- c:\windows\system32\nvcompiler.dll
2017-11-09 03:55 . 2017-11-09 03:55 35165624 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2017-11-09 03:33 . 2017-10-11 02:31 21943656 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-11-09 03:33 . 2017-10-11 02:31 19187392 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-11-09 03:33 . 2017-10-11 02:31 505256 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-11-09 03:33 . 2017-11-09 03:33 419520 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-11-09 03:33 . 2017-11-09 03:33 13379352 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 10986768 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 23474664 ----a-w- c:\windows\system32\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 19212720 ----a-w- c:\windows\SysWow64\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 164648 ----a-w- c:\windows\system32\nvoglshim64.dll
2017-11-09 03:33 . 2017-11-09 03:33 142336 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2017-11-09 03:32 . 2017-11-09 03:32 182296 ----a-w- c:\windows\system32\nvinitx.dll
2017-11-09 03:32 . 2017-11-09 03:32 159736 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-11-09 03:32 . 2017-11-09 03:32 1154296 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 902312 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 540856 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2017-11-09 03:32 . 2017-11-09 03:32 459032 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2017-11-09 03:32 . 2017-10-11 02:30 18375312 ----a-w- c:\windows\system32\nvd3dumx.dll
2017-11-09 03:32 . 2017-10-11 02:30 15168288 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2017-11-09 03:32 . 2017-11-09 03:32 13994320 ----a-w- c:\windows\system32\nvcuda.dll
2017-11-09 03:32 . 2017-11-09 03:32 11891192 ----a-w- c:\windows\SysWow64\nvcuda.dll
2017-11-09 03:32 . 2017-10-11 02:29 4330832 ----a-w- c:\windows\system32\nvapi64.dll
2017-11-09 03:32 . 2017-11-09 03:32 3841120 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-11-07 16:31 . 2017-12-13 14:45 2048 ----a-w- c:\windows\system32\tzres.dll
2017-11-07 16:13 . 2017-12-13 14:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2017-11-04 15:31 . 2017-12-13 14:45 194048 ----a-w- c:\windows\system32\itircl.dll
2017-11-04 15:31 . 2017-12-13 14:45 170496 ----a-w- c:\windows\system32\itss.dll
2017-11-04 15:10 . 2017-12-13 14:45 158720 ----a-w- c:\windows\SysWow64\itircl.dll
2017-11-04 15:10 . 2017-12-13 14:45 142336 ----a-w- c:\windows\SysWow64\itss.dll
2017-11-02 16:55 . 2017-12-13 14:45 138240 ----a-w- c:\windows\system32\rtm.dll
2017-11-02 16:55 . 2017-12-13 14:45 97792 ----a-w- c:\windows\system32\mprdim.dll
2017-11-02 16:55 . 2017-12-13 14:45 9728 ----a-w- c:\windows\system32\iprtprio.dll
2017-11-02 16:55 . 2017-12-13 14:45 281600 ----a-w- c:\windows\system32\iprtrmgr.dll
2017-11-02 15:11 . 2017-12-13 14:45 115200 ----a-w- c:\windows\SysWow64\rtm.dll
2017-11-02 15:11 . 2017-12-13 14:45 75264 ----a-w- c:\windows\SysWow64\mprdim.dll
2017-11-02 15:11 . 2017-12-13 14:45 271360 ----a-w- c:\windows\SysWow64\iprtrmgr.dll
2017-11-02 14:56 . 2017-12-13 14:45 8192 ----a-w- c:\windows\SysWow64\iprtprio.dll
2017-10-27 16:36 . 2017-11-20 17:38 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-10-27 16:12 . 2017-11-20 17:39 5960824 ----a-w- c:\windows\system32\nvcpl.dll
2017-10-27 16:12 . 2017-11-20 17:39 2587768 ----a-w- c:\windows\system32\nvsvc64.dll
2017-10-27 16:12 . 2017-11-20 17:39 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-10-27 16:12 . 2017-11-20 17:39 607168 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-10-27 16:12 . 2017-11-20 17:39 449656 ----a-w- c:\windows\system32\nvmctray.dll
2017-10-27 16:12 . 2017-11-20 17:39 1766520 ----a-w- c:\windows\system32\nvsvcr.dll
2017-10-27 16:12 . 2017-11-20 17:39 123000 ----a-w- c:\windows\system32\nvshext.dll
2017-10-27 16:06 . 2017-12-08 17:53 136312 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2017-10-26 09:01 . 2017-01-17 07:15 77736 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2017-10-26 09:01 . 2017-01-17 07:15 180088 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2017-10-26 09:01 . 2017-01-17 07:15 132848 ----a-w- c:\windows\system32\drivers\eamonm.sys
2017-10-25 10:33 . 2017-11-20 17:39 7802921 ----a-w- c:\windows\system32\nvcoproc.bin
2017-10-20 05:34 . 2017-04-02 16:35 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2017-05-08 12:14 151552 --sha-w- c:\windows\kmsem\KMService.exe
2017-05-08 12:14 8192 --sha-w- c:\windows\SysWOW64\srvany.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2016-11-10 . 34BA256FBF83457F9D5E51A56DB54542 . 1009152 . . [6.1.7601.23594] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_2b915fa59d5abee0\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2016-11-10 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2017-12-29 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2016-11-10 . 3CB074875AC88A7C1010A2A7F9881A8C . 833024 . . [6.1.7601.23594] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_35e609f7d1bb80db\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2017-02-07 4701888]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2017-08-25 27832272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-02-22 292088]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"adm_tray.exe"="c:\program files (x86)\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2018-01-08 3567928]
"Cobian Backup 10"="c:\program files (x86)\Cobian Backup 10\Cobian.exe" [2010-09-23 421376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
.
c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\programdata\MEGAsync\MEGAsync.exe [2017-6-21 7867808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2017-4-4 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2017-4-4 718336]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
IMAP Notify.lnk - c:\program files (x86)\IMAP Notify\IMAPNotify.exe [2017-7-19 196665]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2017/04/02 18:52];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys;c:\windows\SYSNATIVE\DRIVERS\AVerPola.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - snapman
*Deregistered* - tib
*Deregistered* - tib_mounter
*Deregistered* - volume_tracker
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2018-01-16 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04 09:47]
.
2018-01-16 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04 09:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-05-12 831488]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2017-08-25 575416]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\ecmdS.exe" [2017-10-26 324216]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2016-12-09 9181696]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.atlas.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~3\Office16\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Poslat do On&eNotu - c:\progra~1\MICROS~3\Office16\ONBttnIE.dll/105
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 81.200.55.70 81.200.55.34
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_137_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_137_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_137_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_28_0_0_137_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_137.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.28"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_137.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_137.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_28_0_0_137.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2018-01-16 20:10:21
ComboFix-quarantined-files.txt 2018-01-16 19:10
.
Před spuštěním: Volných bajtů: 172 374 441 984
Po spuštění: Volných bajtů: 177 721 688 064
.
- - End Of File - - 068A43DFDF28BB0CF1514774E251D40D
A36C5E4F47E84449FF07ED3517B43A31

altrok
Moderátor
Moderátor
Příspěvky: 7256
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: samovolné odesílání mailů

#7 Příspěvek od altrok »

:arrow: Do jake miry mate legalni MS Windows, MS Office, Acronis, ...?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#8 Příspěvek od marco_cz »

Na počítači je nalepený štítek windows 7 home premium. Od ms office jsem při koupi dostal nějakou krabičku. Acronis nevím odinstaloval jsem.

altrok
Moderátor
Moderátor
Příspěvky: 7256
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: samovolné odesílání mailů

#9 Příspěvek od altrok »

:arrow: Pokud jeste nemate, presunte ComboFix na plochu.
  • Otevrete Poznamkovy blok (Start -> Spustit -> notepad)
  • zkopirujte do nej skript nize a ulozte na plochu jako CFScript (Typ souboru: Textovy dokument)

    Kód: Vybrat vše

    KillAll::
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Tento CFScript.txt chytte, doslova pretahnete nad ikonu ComboFixu a pustte.
    Obrázek
  • Po restartu na Vas vyskoci log, jehoz obsah vlozte do dalsi odpovedi.
:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou Windows. V tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#10 Příspěvek od marco_cz »

ComboFix 18-01-10.01 - Marek 16.01.2018 22:41:11.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8138.5691 [GMT 1:00]
Spuštěný z: c:\users\Marek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus *Enabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET NOD32 Antivirus *Enabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-12-16 do 2018-01-16 )))))))))))))))))))))))))))))))
.
.
2018-01-16 21:44 . 2018-01-16 21:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-01-16 14:28 . 2018-01-16 14:29 -------- d-----w- C:\FRST
2018-01-16 14:24 . 2018-01-16 14:24 -------- d-----w- c:\users\Marek\AppData\Local\Diagnostics
2018-01-13 03:21 . 2018-01-13 03:21 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\offreg.2884.dll
2018-01-08 21:15 . 2018-01-08 21:15 51016 ----a-w- c:\windows\system32\DbxSvc.exe
2018-01-08 21:15 . 2018-01-08 21:15 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2018-01-08 21:15 . 2018-01-08 21:15 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2018-01-08 21:15 . 2018-01-08 21:15 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2018-01-07 15:40 . 2018-01-07 15:40 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2018-01-07 15:40 . 2017-10-20 05:34 110144 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2018-01-07 15:40 . 2018-01-07 15:40 -------- d-----w- c:\program files (x86)\Java
2018-01-06 20:47 . 2018-01-06 20:47 -------- d-----w- c:\users\Marek\AppData\Local\Apps
2018-01-06 08:59 . 2018-01-06 08:59 -------- d-----w- c:\windows\system32\drivers\etc\BACKUP
2018-01-06 02:58 . 2018-01-06 02:58 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\offreg.3176.dll
2018-01-06 02:57 . 2017-11-18 00:30 13899592 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{76DDA3E4-58FA-43AC-97F6-B7A7892E7411}\mpengine.dll
2018-01-05 07:58 . 2018-01-05 07:58 -------- d-----r- c:\program files (x86)\Skype
2018-01-05 07:58 . 2018-01-05 07:58 -------- d-----w- c:\program files (x86)\Common Files\Skype
2018-01-04 23:32 . 2017-12-29 09:15 25737728 ----a-w- c:\windows\system32\mshtml.dll
2018-01-04 23:32 . 2017-12-29 08:04 15284224 ----a-w- c:\windows\system32\ieframe.dll
2017-12-29 20:37 . 2017-12-29 20:37 2048 ----a-w- c:\windows\SysWow64\winver.exe
2017-12-29 20:37 . 2017-12-29 20:37 833024 ----a-w- c:\windows\SysWow64\user32.dll
2017-12-29 20:37 . 2017-12-29 20:37 410624 ----a-w- c:\windows\SysWow64\systemcpl.dll
2017-12-29 20:37 . 2017-12-29 20:37 1536 ----a-w- c:\windows\SysWow64\sppcomapi.dll
2017-12-29 20:37 . 2017-12-29 20:37 113543 ----a-w- c:\windows\SysWow64\slmgr.vbs
2017-12-27 18:57 . 2017-12-27 18:57 -------- d-----w- c:\program files (x86)\Common Files\STORMWARE Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-09 21:41 . 2017-10-10 18:28 129365736 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-01-09 21:41 . 2017-04-02 17:39 129365736 -c--a-w- c:\windows\system32\MRT.exe
2018-01-09 19:57 . 2017-04-02 16:35 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2018-01-09 19:57 . 2017-04-02 16:35 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2018-01-01 16:12 . 2018-01-04 23:31 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2018-01-01 02:18 . 2018-01-04 23:31 1110528 ----a-w- c:\windows\system32\schedsvc.dll
2018-01-01 02:18 . 2018-01-04 23:31 345600 ----a-w- c:\windows\system32\schannel.dll
2018-01-01 02:18 . 2018-01-04 23:31 190464 ----a-w- c:\windows\system32\rpchttp.dll
2018-01-01 02:00 . 2018-01-04 23:31 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2018-01-01 02:00 . 2018-01-04 23:31 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2018-01-01 01:59 . 2018-01-04 23:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-12-07 22:32 . 2017-12-07 22:32 59162608 ----a-w- c:\users\Marek\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
2017-11-09 04:03 . 2017-11-09 04:03 36203120 ----a-w- c:\windows\system32\nvoglv64.dll
2017-11-09 04:03 . 2017-11-09 04:03 29245040 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-11-09 04:02 . 2017-11-09 04:02 16771696 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-11-09 04:02 . 2017-11-09 04:02 624056 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 514672 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 989808 ----a-w- c:\windows\system32\NvIFR64.dll
2017-11-09 04:02 . 2017-11-09 04:02 941168 ----a-w- c:\windows\SysWow64\NvIFR.dll
2017-11-09 04:01 . 2017-11-09 04:01 54192 ----a-w- c:\windows\system32\nvhdap64.dll
2017-11-09 04:01 . 2017-11-09 04:01 1624168 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-11-09 04:01 . 2017-11-09 04:01 233904 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-11-09 04:01 . 2017-11-09 04:01 1107896 ----a-w- c:\windows\system32\NvFBC64.dll
2017-11-09 04:00 . 2017-11-09 04:00 1039288 ----a-w- c:\windows\SysWow64\NvFBC.dll
2017-11-09 03:56 . 2017-11-09 03:56 1682536 ----a-w- c:\windows\system32\nvdispgenco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 1997752 ----a-w- c:\windows\system32\nvdispco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 3816376 ----a-w- c:\windows\system32\nvcuvid.dll
2017-11-09 03:56 . 2017-11-09 03:56 3355248 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2017-11-09 03:55 . 2017-11-09 03:55 40246384 ----a-w- c:\windows\system32\nvcompiler.dll
2017-11-09 03:55 . 2017-11-09 03:55 35165624 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2017-11-09 03:33 . 2017-10-11 02:31 21943656 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-11-09 03:33 . 2017-10-11 02:31 19187392 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-11-09 03:33 . 2017-10-11 02:31 505256 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-11-09 03:33 . 2017-11-09 03:33 419520 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-11-09 03:33 . 2017-11-09 03:33 13379352 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 10986768 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 23474664 ----a-w- c:\windows\system32\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 19212720 ----a-w- c:\windows\SysWow64\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 164648 ----a-w- c:\windows\system32\nvoglshim64.dll
2017-11-09 03:33 . 2017-11-09 03:33 142336 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2017-11-09 03:32 . 2017-11-09 03:32 182296 ----a-w- c:\windows\system32\nvinitx.dll
2017-11-09 03:32 . 2017-11-09 03:32 159736 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-11-09 03:32 . 2017-11-09 03:32 1154296 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 902312 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 540856 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2017-11-09 03:32 . 2017-11-09 03:32 459032 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2017-11-09 03:32 . 2017-10-11 02:30 18375312 ----a-w- c:\windows\system32\nvd3dumx.dll
2017-11-09 03:32 . 2017-10-11 02:30 15168288 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2017-11-09 03:32 . 2017-11-09 03:32 13994320 ----a-w- c:\windows\system32\nvcuda.dll
2017-11-09 03:32 . 2017-11-09 03:32 11891192 ----a-w- c:\windows\SysWow64\nvcuda.dll
2017-11-09 03:32 . 2017-10-11 02:29 4330832 ----a-w- c:\windows\system32\nvapi64.dll
2017-11-09 03:32 . 2017-11-09 03:32 3841120 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-11-07 16:31 . 2017-12-13 14:45 2048 ----a-w- c:\windows\system32\tzres.dll
2017-11-07 16:13 . 2017-12-13 14:45 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2017-11-04 15:31 . 2017-12-13 14:45 194048 ----a-w- c:\windows\system32\itircl.dll
2017-11-04 15:31 . 2017-12-13 14:45 170496 ----a-w- c:\windows\system32\itss.dll
2017-11-04 15:10 . 2017-12-13 14:45 158720 ----a-w- c:\windows\SysWow64\itircl.dll
2017-11-04 15:10 . 2017-12-13 14:45 142336 ----a-w- c:\windows\SysWow64\itss.dll
2017-11-02 16:55 . 2017-12-13 14:45 138240 ----a-w- c:\windows\system32\rtm.dll
2017-11-02 16:55 . 2017-12-13 14:45 97792 ----a-w- c:\windows\system32\mprdim.dll
2017-11-02 16:55 . 2017-12-13 14:45 9728 ----a-w- c:\windows\system32\iprtprio.dll
2017-11-02 16:55 . 2017-12-13 14:45 281600 ----a-w- c:\windows\system32\iprtrmgr.dll
2017-11-02 15:11 . 2017-12-13 14:45 115200 ----a-w- c:\windows\SysWow64\rtm.dll
2017-11-02 15:11 . 2017-12-13 14:45 75264 ----a-w- c:\windows\SysWow64\mprdim.dll
2017-11-02 15:11 . 2017-12-13 14:45 271360 ----a-w- c:\windows\SysWow64\iprtrmgr.dll
2017-11-02 14:56 . 2017-12-13 14:45 8192 ----a-w- c:\windows\SysWow64\iprtprio.dll
2017-10-27 16:36 . 2017-11-20 17:38 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-10-27 16:12 . 2017-11-20 17:39 5960824 ----a-w- c:\windows\system32\nvcpl.dll
2017-10-27 16:12 . 2017-11-20 17:39 2587768 ----a-w- c:\windows\system32\nvsvc64.dll
2017-10-27 16:12 . 2017-11-20 17:39 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-10-27 16:12 . 2017-11-20 17:39 607168 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-10-27 16:12 . 2017-11-20 17:39 449656 ----a-w- c:\windows\system32\nvmctray.dll
2017-10-27 16:12 . 2017-11-20 17:39 1766520 ----a-w- c:\windows\system32\nvsvcr.dll
2017-10-27 16:12 . 2017-11-20 17:39 123000 ----a-w- c:\windows\system32\nvshext.dll
2017-10-27 16:06 . 2017-12-08 17:53 136312 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2017-10-26 09:01 . 2017-01-17 07:15 77736 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2017-10-26 09:01 . 2017-01-17 07:15 180088 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2017-10-26 09:01 . 2017-01-17 07:15 132848 ----a-w- c:\windows\system32\drivers\eamonm.sys
2017-10-25 10:33 . 2017-11-20 17:39 7802921 ----a-w- c:\windows\system32\nvcoproc.bin
2017-10-20 05:34 . 2017-04-02 16:35 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2017-05-08 12:14 151552 --sha-w- c:\windows\kmsem\KMService.exe
2017-05-08 12:14 8192 --sha-w- c:\windows\SysWOW64\srvany.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2016-11-10 . 34BA256FBF83457F9D5E51A56DB54542 . 1009152 . . [6.1.7601.23594] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_2b915fa59d5abee0\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2016-11-10 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2017-12-29 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2016-11-10 . 3CB074875AC88A7C1010A2A7F9881A8C . 833024 . . [6.1.7601.23594] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_35e609f7d1bb80db\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-11-17 21:04 570368 ----a-w- c:\programdata\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 289096 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.19.0.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2017-02-07 4701888]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2017-08-25 27832272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-02-22 292088]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144]
"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]
"adm_tray.exe"="c:\program files (x86)\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2018-01-08 3567928]
"Cobian Backup 10"="c:\program files (x86)\Cobian Backup 10\Cobian.exe" [2010-09-23 421376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
.
c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\programdata\MEGAsync\MEGAsync.exe [2017-6-21 7867808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2017-4-4 155648]
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2017-4-4 718336]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
IMAP Notify.lnk - c:\program files (x86)\IMAP Notify\IMAPNotify.exe [2017-7-19 196665]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2017/04/02 18:52];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe;c:\program files (x86)\Cobian Backup 10\cbVSCService.exe [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys;c:\windows\SYSNATIVE\DRIVERS\AVerPola.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 HPEWSFXBULK;HPEWSFXBULK;c:\windows\system32\drivers\hpfx64bulk.sys;c:\windows\SYSNATIVE\drivers\hpfx64bulk.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2018-01-16 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04 09:47]
.
2018-01-16 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-05-04 09:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Pending)]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Synced)]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ MEGA (Syncing)]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-11-17 21:04 598528 ----a-w- c:\programdata\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2018-01-08 21:08 337224 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.19.0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2015-06-01 411056]
"Persistence"="c:\windows\system32\igfxpers.exe" [2015-06-01 453552]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-05-12 831488]
"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2017-08-25 575416]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\ecmdS.exe" [2017-10-26 324216]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2016-12-09 9181696]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.atlas.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~3\Office16\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Poslat do On&eNotu - c:\progra~1\MICROS~3\Office16\ONBttnIE.dll/105
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 81.200.55.70 81.200.55.34
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} - hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_137_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_28_0_0_137_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\srvany.exe
c:\windows\kmsem\KMService.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\IoctlSvc.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\Cobian Backup 10\cbInterface.exe
c:\program files (x86)\Skype\Browser\SkypeBrowserHost.exe
.
**************************************************************************
.
Celkový čas: 2018-01-16 22:47:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2018-01-16 21:47
ComboFix2.txt 2018-01-16 19:10
.
Před spuštěním: Volných bajtů: 177 579 499 520
Po spuštění: Volných bajtů: 177 237 106 688
.
- - End Of File - - 2551FBAC678F123E338DFE85D5A568AC
A36C5E4F47E84449FF07ED3517B43A31

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#11 Příspěvek od marco_cz »

Byl v počítači nežádoucí software který by mohl odesílat maily?

altrok
Moderátor
Moderátor
Příspěvky: 7256
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: samovolné odesílání mailů

#12 Příspěvek od altrok »

:arrow: Tezko rict, co na pozadi delaji ty cracky... Vylozene malware v PC nevidim. Az to tu skoncime, tak doporucuju zmenit heslo i kontrolni otazku pro reset hesla (snazit se o prolomeni kontrolni otazky je mnohem snazsi a povicero e-mailovych schranek hlavne znamejsich lidi takto bylo prolomeno).



:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan (Skenovani), pote na Clean (Cisteni)
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#13 Příspěvek od marco_cz »

# AdwCleaner 7.0.6.0 - Logfile created on Wed Jan 17 19:39:04 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1121 B] - [2018/1/17 19:36:45]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

altrok
Moderátor
Moderátor
Příspěvky: 7256
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: samovolné odesílání mailů

#14 Příspěvek od altrok »

:arrow: Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pokud budete mit problemy se stazenim FRSTLauncheru, staci kdyz pouzijete samotny FRST.exe/FRST64.exe.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.

marco_cz
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 kvě 2015 21:30

Re: samovolné odesílání mailů

#15 Příspěvek od marco_cz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2018
Ran by Marek (administrator) on MAREK-PC (17-01-2018 21:28:52)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\kmsem\KMService.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Windows\vsnpstd3.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Van Dyke Technologies, Inc.) C:\Program Files (x86)\IMAP Notify\IMAPNotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Windows\tsnpstd3.exe
(Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\Cobian.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [831488 2006-05-12] ()
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [575416 2017-08-25] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [324216 2017-10-26] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2006-06-19] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567928 2018-01-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Cobian Backup 10] => C:\Program Files (x86)\Cobian Backup 10\Cobian.exe [421376 2010-09-23] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-04-04]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-04-04]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IMAP Notify.lnk [2017-07-19]
ShortcutTarget: IMAP Notify.lnk -> C:\Program Files (x86)\IMAP Notify\IMAPNotify.exe (Van Dyke Technologies, Inc.)
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-10-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 81.200.55.70 81.200.55.34
Tcpip\..\Interfaces\{98E79581-0AD0-4822-853D-739FD971FB7E}: [DhcpNameServer] 81.200.55.70 81.200.55.34

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2253546345-1451501098-3921934081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.atlas.cz/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-07] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-07] (Oracle Corporation)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab

FireFox:
========
FF DefaultProfile: zner6jam.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default [2018-01-17]
FF Homepage: Mozilla\Firefox\Profiles\zner6jam.default -> hxxp://www.centrum.cz/
FF Extension: (Disable JavaScript Shared Memory) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\zner6jam.default\features\{254d74eb-6211-4c3e-a732-298091311bcc}\disable-js-shared-memory@mozilla.org.xpi [2018-01-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2018-01-17]
CHR Extension: (Prezentace Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-02]
CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-02]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-02]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-02]
CHR Extension: (Tabulky Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-02]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1213576 2017-08-25] ()
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [348160 2009-10-30] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-07] () [File not signed]
R2 cbVSCService; C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-04] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2018-01-08] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2648184 2017-10-26] (ESET)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2017-05-08] () [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [532864 2010-10-07] (AVerMedia TECHNOLOGIES, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-04-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-04-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-10-26] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2017-10-26] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77736 2017-10-26] (ESET)
R3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett Packard)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10443008 2006-06-27] (Sonix Co. Ltd.) [File not signed]
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10148480 2006-06-27] (Sonix Co. Ltd.) [File not signed]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-06-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-17 21:28 - 2018-01-17 21:28 - 000017674 _____ C:\Users\Marek\Desktop\FRST.txt
2018-01-17 20:43 - 2018-01-17 20:43 - 000001267 _____ C:\Users\Marek\Desktop\clean.txt
2018-01-17 20:38 - 2018-01-17 20:38 - 000000000 _____ C:\Users\Marek\Desktop\scan.txt
2018-01-17 20:35 - 2018-01-17 20:39 - 000000000 ____D C:\AdwCleaner
2018-01-17 20:34 - 2018-01-17 20:34 - 008198432 _____ (Malwarebytes) C:\Users\Marek\Desktop\adwcleaner_7.0.6.0.exe
2018-01-16 22:56 - 2018-01-16 22:56 - 000000000 ____D C:\Windows\pss
2018-01-16 22:47 - 2018-01-16 22:47 - 000032189 _____ C:\ComboFix.txt
2018-01-16 21:07 - 2018-01-16 21:07 - 000000000 ____D C:\ProgramData\Acronis
2018-01-16 20:19 - 2018-01-16 20:19 - 000036707 _____ C:\Users\Marek\Desktop\combofix.txt
2018-01-16 20:04 - 2018-01-16 22:47 - 000000000 ____D C:\Qoobox
2018-01-16 20:04 - 2018-01-16 22:44 - 000000000 ____D C:\Windows\erdnt
2018-01-16 20:04 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
2018-01-16 20:04 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
2018-01-16 20:04 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-01-16 20:04 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-01-16 20:04 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-01-16 20:04 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
2018-01-16 20:04 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
2018-01-16 20:04 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
2018-01-16 19:25 - 2018-01-16 19:25 - 005660870 ____R (Swearware) C:\Users\Marek\Desktop\ComboFix.exe
2018-01-16 15:28 - 2018-01-17 21:28 - 000000000 ____D C:\FRST
2018-01-16 15:28 - 2018-01-16 15:28 - 002393088 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2018-01-16 15:24 - 2018-01-16 15:24 - 000002934 _____ C:\Windows\System32\Tasks\{90A388B2-2ED3-4CC8-9B80-B9334D9ED52A}
2018-01-16 15:23 - 2018-01-16 15:23 - 000002934 _____ C:\Windows\System32\Tasks\{F2014650-C671-41FD-81C5-369AB1B5F20D}
2018-01-15 08:30 - 2018-01-15 08:30 - 000126509 _____ C:\Users\Marek\Documents\Faktura_(2)_18010010.pdf
2018-01-12 16:00 - 2018-01-12 16:00 - 000128661 _____ C:\Users\Marek\Documents\Faktura_(2)_18010003.pdf
2018-01-11 21:46 - 2018-01-11 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-01-09 14:18 - 2018-01-09 14:18 - 000124362 _____ C:\Users\Marek\Desktop\Priloha.pdf
2018-01-08 22:15 - 2018-01-08 22:15 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-01-08 22:15 - 2018-01-08 22:15 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-01-08 22:15 - 2018-01-08 22:15 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-01-07 16:40 - 2018-01-07 16:40 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-01-07 16:40 - 2018-01-07 16:40 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-07 16:40 - 2017-10-20 06:34 - 000110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2018-01-06 21:47 - 2018-01-06 21:47 - 000000000 ____D C:\Users\Marek\AppData\Local\Apps\2.0
2018-01-06 15:09 - 2018-01-06 15:09 - 000116170 _____ C:\Users\Marek\Desktop\wspdf6457428998167222999hlasenka.pdf
2018-01-06 09:59 - 2018-01-06 09:59 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2018-01-05 08:58 - 2018-01-05 08:58 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-01-05 08:58 - 2018-01-05 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-05 00:32 - 2017-12-29 19:39 - 020274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-05 00:32 - 2017-12-29 18:38 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-05 00:32 - 2017-12-29 10:15 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-05 00:32 - 2017-12-29 09:04 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-05 00:31 - 2018-01-01 03:21 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-05 00:31 - 2018-01-01 03:21 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000948968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-05 00:31 - 2018-01-01 03:21 - 000288488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-05 00:31 - 2018-01-01 03:21 - 000213736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-01-05 00:31 - 2018-01-01 03:21 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-05 00:31 - 2018-01-01 03:21 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-05 00:31 - 2018-01-01 03:19 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000842752 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-01-05 00:31 - 2018-01-01 03:18 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2018-01-05 00:31 - 2018-01-01 03:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2018-01-05 00:31 - 2018-01-01 03:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 03:18 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-01-05 00:31 - 2018-01-01 03:13 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-05 00:31 - 2018-01-01 03:04 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-05 00:31 - 2018-01-01 03:02 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2018-01-05 00:31 - 2018-01-01 03:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2018-01-05 00:31 - 2018-01-01 03:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\traffic.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-01-05 00:31 - 2018-01-01 03:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:55 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-05 00:31 - 2018-01-01 02:55 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2018-01-05 00:31 - 2018-01-01 02:54 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-01-05 00:31 - 2018-01-01 02:54 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-01-05 00:31 - 2018-01-01 02:54 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-01-05 00:31 - 2018-01-01 02:50 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-01-05 00:31 - 2018-01-01 02:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-05 00:31 - 2018-01-01 02:49 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-01-05 00:31 - 2018-01-01 02:46 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-01-05 00:31 - 2018-01-01 02:45 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-01-05 00:31 - 2018-01-01 02:43 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2018-01-05 00:31 - 2018-01-01 02:43 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapPeerProxy.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnEapAuthProxy.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-01-05 00:31 - 2018-01-01 02:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshqos.dll
2018-01-05 00:31 - 2018-01-01 02:42 - 000460288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-01-05 00:31 - 2018-01-01 02:42 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-01-05 00:31 - 2018-01-01 02:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-05 00:31 - 2018-01-01 02:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-01-05 00:31 - 2018-01-01 02:41 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-01-05 00:31 - 2018-01-01 02:39 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-01-05 00:31 - 2018-01-01 02:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-01-05 00:31 - 2018-01-01 02:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-01-05 00:31 - 2018-01-01 02:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-01-05 00:31 - 2018-01-01 02:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-01-05 00:31 - 2017-12-30 08:29 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-05 00:31 - 2017-12-30 07:42 - 000347328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-05 00:31 - 2017-12-29 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-01-05 00:31 - 2017-12-29 19:13 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-05 00:31 - 2017-12-29 19:13 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-05 00:31 - 2017-12-29 19:12 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-05 00:31 - 2017-12-29 19:12 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-01-05 00:31 - 2017-12-29 19:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-05 00:31 - 2017-12-29 19:09 - 002294272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-05 00:31 - 2017-12-29 19:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-05 00:31 - 2017-12-29 19:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-05 00:31 - 2017-12-29 19:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-05 00:31 - 2017-12-29 19:03 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-05 00:31 - 2017-12-29 18:55 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-05 00:31 - 2017-12-29 18:51 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-05 00:31 - 2017-12-29 18:50 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-05 00:31 - 2017-12-29 18:50 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-05 00:31 - 2017-12-29 18:47 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-05 00:31 - 2017-12-29 18:47 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-05 00:31 - 2017-12-29 18:46 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-05 00:31 - 2017-12-29 18:45 - 004508160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-05 00:31 - 2017-12-29 18:44 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-05 00:31 - 2017-12-29 18:39 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-05 00:31 - 2017-12-29 18:38 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-05 00:31 - 2017-12-29 18:37 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-05 00:31 - 2017-12-29 18:36 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-01-05 00:31 - 2017-12-29 18:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-05 00:31 - 2017-12-29 18:15 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-05 00:31 - 2017-12-29 18:13 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-05 00:31 - 2017-12-29 10:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-01-05 00:31 - 2017-12-29 10:04 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-01-05 00:31 - 2017-12-29 09:52 - 002900480 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-05 00:31 - 2017-12-29 09:51 - 005796352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-05 00:31 - 2017-12-29 09:51 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-05 00:31 - 2017-12-29 09:50 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-05 00:31 - 2017-12-29 09:50 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-01-05 00:31 - 2017-12-29 09:44 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-05 00:31 - 2017-12-29 09:43 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-05 00:31 - 2017-12-29 09:40 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-05 00:31 - 2017-12-29 09:39 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-05 00:31 - 2017-12-29 09:39 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-01-05 00:31 - 2017-12-29 09:32 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-01-05 00:31 - 2017-12-29 09:28 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-05 00:31 - 2017-12-29 09:22 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-05 00:31 - 2017-12-29 09:22 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-05 00:31 - 2017-12-29 09:21 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-05 00:31 - 2017-12-29 09:18 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-05 00:31 - 2017-12-29 09:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-05 00:31 - 2017-12-29 09:16 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-05 00:31 - 2017-12-29 09:14 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-05 00:31 - 2017-12-29 09:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-05 00:31 - 2017-12-29 09:03 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-05 00:31 - 2017-12-29 09:03 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-05 00:31 - 2017-12-29 09:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-05 00:31 - 2017-12-29 09:01 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-01-05 00:31 - 2017-12-29 08:50 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-05 00:31 - 2017-12-29 08:39 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-05 00:31 - 2017-12-29 08:27 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-05 00:31 - 2017-12-21 07:27 - 000634312 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-05 00:31 - 2017-12-13 17:31 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-01-05 00:31 - 2017-12-13 17:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-01-05 00:31 - 2017-12-13 17:15 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-01-05 00:31 - 2017-12-13 17:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-01-05 00:31 - 2017-12-13 16:50 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-01-05 00:31 - 2017-12-05 18:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-01-05 00:31 - 2017-12-05 18:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-01-05 00:31 - 2017-12-05 18:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-01-05 00:31 - 2017-12-05 16:59 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-01-05 00:31 - 2017-12-05 16:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2017-12-29 21:37 - 2017-12-29 21:37 - 000113543 _____ C:\Windows\SysWOW64\slmgr.vbs
2017-12-29 21:37 - 2017-12-29 21:37 - 000002048 _____ C:\Windows\SysWOW64\winver.exe
2017-12-29 21:37 - 2017-12-29 21:37 - 000001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2017-12-27 19:57 - 2017-12-27 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STORMWARE Office
2017-12-21 21:01 - 2017-12-21 21:01 - 000057330 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0033.pdf
2017-12-21 21:00 - 2017-12-21 21:00 - 000101177 _____ C:\Users\Marek\Documents\Faktura_17010123.pdf
2017-12-21 21:00 - 2017-12-21 21:00 - 000072757 _____ C:\Users\Marek\Documents\Daňový_doklad_17HP0033.pdf
2017-12-20 19:25 - 2017-12-20 19:25 - 000057377 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0032.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000106724 _____ C:\Users\Marek\Documents\Faktura_17010117.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000057095 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0031.pdf
2017-12-20 19:24 - 2017-12-20 19:24 - 000057092 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0030.pdf
2017-12-20 19:23 - 2017-12-20 19:23 - 000111128 _____ C:\Users\Marek\Documents\Faktura_17010119.pdf
2017-12-20 19:23 - 2017-12-20 19:23 - 000102984 _____ C:\Users\Marek\Documents\Faktura_17010121.pdf
2017-12-18 23:02 - 2017-12-18 23:02 - 000100507 _____ C:\Users\Marek\Documents\Faktura_17010118.pdf
2017-12-18 23:02 - 2017-12-18 23:02 - 000057706 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0029.pdf
2017-12-18 23:00 - 2017-12-18 23:00 - 000057486 _____ C:\Users\Marek\Documents\Pokladní_doklad_17HP0028.pdf
2017-12-18 22:59 - 2017-12-18 22:59 - 000107335 _____ C:\Users\Marek\Documents\Faktura_17010113.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-17 21:27 - 2017-04-02 17:35 - 000000000 ____D C:\Users\Marek\AppData\LocalLow\Mozilla
2018-01-17 21:26 - 2017-04-02 17:57 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Skype
2018-01-17 21:23 - 2017-11-20 18:38 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-17 21:23 - 2017-05-04 10:47 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-01-17 21:23 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-17 20:43 - 2009-07-14 05:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-17 20:43 - 2009-07-14 05:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-17 20:34 - 2017-04-02 19:56 - 000000000 ____D C:\Users\Marek\AppData\Roaming\uTorrent
2018-01-17 19:52 - 2017-05-04 10:47 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-01-17 19:39 - 2017-04-04 18:43 - 000000000 ____D C:\Users\Marek\Documents\AVerTV
2018-01-16 23:35 - 2011-04-12 09:34 - 000668542 _____ C:\Windows\system32\perfh005.dat
2018-01-16 23:35 - 2011-04-12 09:34 - 000141202 _____ C:\Windows\system32\perfc005.dat
2018-01-16 23:35 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-16 23:35 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-16 22:46 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2018-01-16 21:32 - 2017-04-02 18:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-16 18:35 - 2017-04-10 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2018-01-16 13:40 - 2017-04-13 20:27 - 000003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1492111672
2018-01-16 13:40 - 2017-04-13 20:27 - 000000000 ____D C:\Program Files (x86)\Opera
2018-01-15 11:29 - 2017-04-02 18:59 - 000000000 ____D C:\Users\Marek\Desktop\ČSOB
2018-01-11 21:46 - 2017-05-04 10:47 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-01-09 22:43 - 2017-04-02 18:39 - 000000000 ____D C:\Windows\system32\MRT
2018-01-09 22:41 - 2017-10-10 19:28 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-09 22:41 - 2017-04-02 18:39 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-09 22:35 - 2017-04-02 18:07 - 001557940 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-01-09 20:57 - 2017-11-09 19:37 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-01-09 20:57 - 2017-04-02 17:35 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-01-09 20:57 - 2017-04-02 17:35 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-09 20:57 - 2017-04-02 17:35 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-01-09 20:57 - 2017-04-02 17:35 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-01-09 20:57 - 2017-04-02 17:35 - 000000000 ____D C:\Windows\system32\Macromed
2018-01-09 02:04 - 2017-04-02 17:33 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-07 16:40 - 2017-04-02 17:35 - 000000000 ____D C:\ProgramData\Oracle
2018-01-07 16:40 - 2017-04-02 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-07 16:32 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-01-06 22:03 - 2017-11-20 20:50 - 000000000 ____D C:\Users\Marek\AppData\Roaming\Mediatronic
2018-01-06 12:16 - 2017-07-19 09:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-01-06 12:16 - 2017-06-30 08:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-06 12:16 - 2017-04-02 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-06 10:00 - 2017-04-10 20:39 - 000000000 ____D C:\Program Files (x86)\Acronis
2018-01-05 08:58 - 2017-04-02 17:57 - 000000000 ____D C:\ProgramData\Skype
2018-01-05 03:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-01-05 03:19 - 2009-07-14 05:45 - 000496960 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-01 10:58 - 2017-05-01 09:26 - 000000000 ____D C:\Users\Marek\Desktop\obrazky Terezka
2017-12-27 19:57 - 2017-10-05 15:15 - 000001981 _____ C:\Users\Public\Desktop\POHODA.lnk
2017-12-27 19:57 - 2017-04-02 19:56 - 000000000 ____D C:\Program Files (x86)\STORMWARE
2017-12-21 05:05 - 2017-11-30 20:59 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2017-04-02 19:52] - [2016-11-10 17:32] - 001008640 _____ (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2017-12-29 21:37] - [2017-12-29 21:37] - 000833024 _____ (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-08 00:12

==================== End of FRST.txt ============================

Odpovědět