Najednou hrozně pomalé PC...

Zpráva

Premek84 · #1 Příspěvek od **Premek84** » 20 bře 2018 21:18

Zdravím pánové...pozoruju už cca 14 dnů rapidní úbytek výkonu.... když se koukám mna utilitu CoreTemp tak jádro č. 1 je skoro stále 100% vytíženo a další tři jádra mezi 2-20%... je to normální? přikládám log z RSIT...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Přema at 2018-03-20 21:11:44
Microsoft Windows 10 Pro
System drive C: has 847 GB (89%) free of 953 GB
Total RAM: 3326 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:55, on 20.03.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0192)
Boot mode: Normal

Running processes:
C:\Windows\system32\sihost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x86__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1802.311.0_x86__8wekyb3d8bbwe\Calculator.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Windows\system32\browser_broker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Users\Přema\Downloads\RSIT.exe
C:\Program Files\trend micro\Přema.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\Windows\TEMP\E_S49D4.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Windows\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6665 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03 188992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 488344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-11-04 748744]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-03 245608]
"SunJavaUpdateSched"=C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2018-01-29 41100328]
"EPSON SX110 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [2008-09-26 199680]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-02-12 4201152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.VP80"=vp8vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-20 21:11:44 ----D---- C:\rsit
2018-03-20 21:11:44 ----D---- C:\Program Files\trend micro
2018-03-20 21:10:27 ----D---- C:\FRST
2018-03-16 20:58:26 ----D---- C:\Users\Přema\AppData\Roaming\Macromedia
2018-03-15 22:29:19 ----D---- C:\Windows\system32\appmgmt
2018-03-15 22:26:09 ----D---- C:\Program Files\KMSpico
2018-03-14 19:49:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-03-13 22:15:06 ----A---- C:\Windows\system32\win32kbase.sys
2018-03-13 22:15:06 ----A---- C:\Windows\system32\drivers\storufs.sys
2018-03-13 22:15:06 ----A---- C:\Windows\system32\drivers\storahci.sys
2018-03-13 22:15:06 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-03-13 22:15:05 ----A---- C:\Windows\system32\vbscript.dll
2018-03-13 22:15:05 ----A---- C:\Windows\system32\StorSvc.dll
2018-03-13 22:15:05 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2018-03-13 22:15:04 ----A---- C:\Windows\system32\win32kfull.sys
2018-03-13 22:15:04 ----A---- C:\Windows\system32\drivers\stornvme.sys
2018-03-13 22:15:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-13 22:15:04 ----A---- C:\Windows\system32\drivers\BasicRender.sys
2018-03-13 22:15:03 ----A---- C:\Windows\system32\drivers\pci.sys
2018-03-13 22:15:03 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-03-13 22:15:02 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-13 22:15:02 ----A---- C:\Windows\system32\jscript.dll
2018-03-13 22:15:02 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2018-03-13 22:15:01 ----A---- C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-13 22:15:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-13 22:15:01 ----A---- C:\Windows\system32\EdgeManager.dll
2018-03-13 22:15:01 ----A---- C:\Windows\system32\drivers\UcmUcsi.sys
2018-03-13 22:15:00 ----A---- C:\Windows\system32\jscript9.dll
2018-03-13 22:14:59 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2018-03-13 22:14:59 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-03-13 22:14:59 ----A---- C:\Windows\system32\d3d10warp.dll
2018-03-13 22:14:58 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 22:14:58 ----A---- C:\Windows\system32\win32appinventorycsp.dll
2018-03-13 22:14:58 ----A---- C:\Windows\system32\edgeIso.dll
2018-03-13 22:14:58 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-03-13 22:14:58 ----A---- C:\Windows\system32\drivers\netvsc.sys
2018-03-13 22:14:57 ----A---- C:\Windows\system32\iertutil.dll
2018-03-13 22:14:57 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-03-13 22:14:56 ----A---- C:\Windows\system32\ieframe.dll
2018-03-13 22:14:55 ----A---- C:\Windows\system32\Chakra.dll
2018-03-13 22:14:54 ----A---- C:\Windows\system32\wintrust.dll
2018-03-13 22:14:54 ----A---- C:\Windows\system32\rdpcorets.dll
2018-03-13 22:14:54 ----A---- C:\Windows\system32\IndexedDbLegacy.dll
2018-03-13 22:14:53 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-13 22:14:52 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-03-13 22:14:51 ----A---- C:\Windows\system32\dbgeng.dll
2018-03-13 22:14:50 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-13 22:14:50 ----A---- C:\Windows\system32\AcSpecfc.dll
2018-03-13 22:14:49 ----A---- C:\Windows\system32\wininet.dll
2018-03-13 22:14:49 ----A---- C:\Windows\system32\msIso.dll
2018-03-13 22:14:48 ----A---- C:\Windows\system32\drivers\WdiWiFi.sys
2018-03-13 22:14:48 ----A---- C:\Windows\system32\drivers\nwifi.sys
2018-03-13 22:14:46 ----A---- C:\Windows\system32\mshtml.dll
2018-03-13 22:14:44 ----A---- C:\Windows\system32\webplatstorageserver.dll
2018-03-13 22:14:43 ----A---- C:\Windows\system32\mfplat.dll
2018-03-13 22:14:43 ----A---- C:\Windows\system32\edgehtml.dll
2018-03-13 22:14:33 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-13 22:14:33 ----A---- C:\Windows\system32\drivers\wcnfs.sys
2018-03-13 22:14:33 ----A---- C:\Windows\system32\drivers\wcifs.sys
2018-03-13 22:14:33 ----A---- C:\Windows\system32\drivers\vmbus.sys
2018-03-13 22:14:33 ----A---- C:\Windows\system32\drivers\RfxVmt.sys
2018-03-13 22:14:32 ----A---- C:\Windows\system32\rdpudd.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\pcasvc.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\invagent.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\generaltel.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2018-03-13 22:14:32 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2018-03-13 22:14:32 ----A---- C:\Windows\system32\devinv.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\DeviceCensus.exe
2018-03-13 22:14:32 ----A---- C:\Windows\system32\dcntel.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-13 22:14:32 ----A---- C:\Windows\system32\appraiser.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\aepic.dll
2018-03-13 22:14:32 ----A---- C:\Windows\system32\aeinv.dll
2018-03-13 22:14:31 ----A---- C:\Windows\system32\usoapi.dll
2018-03-13 22:14:31 ----A---- C:\Windows\system32\samsrv.dll
2018-03-13 22:14:31 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-13 22:14:31 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2018-03-13 22:14:31 ----A---- C:\Windows\system32\MusNotificationUx.exe
2018-03-13 22:14:31 ----A---- C:\Windows\system32\musdialoghandlers.dll
2018-03-13 22:14:30 ----A---- C:\Windows\system32\usocore.dll
2018-03-13 22:14:30 ----A---- C:\Windows\system32\Spectrum.exe
2018-03-13 22:14:30 ----A---- C:\Windows\system32\drivers\sdstor.sys
2018-03-13 22:14:30 ----A---- C:\Windows\system32\drivers\cng.sys
2018-03-13 22:14:29 ----A---- C:\Windows\system32\zipfldr.dll
2018-03-13 22:14:29 ----A---- C:\Windows\system32\Windows.Payments.dll
2018-03-13 22:14:29 ----A---- C:\Windows\system32\updatehandlers.dll
2018-03-13 22:14:29 ----A---- C:\Windows\system32\SecurityHealthService.exe
2018-03-13 22:14:29 ----A---- C:\Windows\system32\SecurityHealthAgent.dll
2018-03-13 22:14:29 ----A---- C:\Windows\system32\drivers\spaceport.sys
2018-03-13 22:14:29 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2018-03-13 22:14:29 ----A---- C:\Windows\system32\daxexec.dll
2018-03-13 22:14:28 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2018-03-13 22:14:28 ----A---- C:\Windows\system32\MusNotification.exe
2018-03-13 22:14:28 ----A---- C:\Windows\system32\KernelBase.dll
2018-03-13 22:14:28 ----A---- C:\Windows\system32\drivers\sdbus.sys
2018-03-13 22:14:28 ----A---- C:\Windows\system32\cldapi.dll
2018-03-13 22:14:28 ----A---- C:\Windows\system32\cdp.dll
2018-03-13 22:14:28 ----A---- C:\Windows\system32\acmigration.dll
2018-03-13 22:14:27 ----A---- C:\Windows\system32\wlidsvc.dll
2018-03-13 22:14:27 ----A---- C:\Windows\system32\msi.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\winmde.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\MSVPXENC.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 22:14:26 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2018-03-13 22:14:25 ----A---- C:\Windows\system32\offlinesam.dll
2018-03-13 22:14:25 ----A---- C:\Windows\system32\offlinelsa.dll
2018-03-13 22:14:25 ----A---- C:\Windows\system32\msra.exe
2018-03-13 22:14:25 ----A---- C:\Windows\system32\drivers\tpm.sys
2018-03-13 22:14:25 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-03-13 22:14:25 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-03-13 22:14:25 ----A---- C:\Windows\system32\drivers\ataport.sys
2018-03-13 22:14:25 ----A---- C:\Windows\system32\cdpusersvc.dll
2018-03-13 22:14:24 ----A---- C:\Windows\system32\msisip.dll
2018-03-13 22:14:24 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2018-03-13 22:14:24 ----A---- C:\Windows\system32\credssp.dll
2018-03-04 00:07:58 ----D---- C:\Program Files\Farming Simulator 15
2018-03-03 11:16:01 ----D---- C:\Windows\Program Files\\Common Files\Java
2018-03-03 11:15:56 ----D---- C:\Users\Přema\AppData\Roaming\Sun
2018-03-03 11:15:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2018-03-03 11:15:16 ----D---- C:\ProgramData\Oracle
2018-03-03 11:15:10 ----D---- C:\Program Files\Java
2018-03-03 10:46:31 ----A---- C:\Windows\system32\aswBoot.exe
2018-02-28 16:11:21 ----HD---- C:\$AV_ASW
2018-02-28 12:37:54 ----D---- C:\Users\Přema\AppData\Roaming\AVAST Software
2018-02-28 12:37:17 ----A---- C:\Windows\system32\drivers\lpsport.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswStm.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswSP.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswbunivx.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswblogx.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswbidshx.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswbidsdriverx.sys
2018-02-28 12:36:39 ----A---- C:\Windows\system32\drivers\aswArPot.sys
2018-02-28 12:36:32 ----A---- C:\Windows\ucrtbase.dll
2018-02-28 12:36:31 ----D---- C:\Windows\Program Files\\Common Files\AVAST Software
2018-02-28 12:32:47 ----D---- C:\Program Files\AVAST Software
2018-02-28 12:32:01 ----D---- C:\ProgramData\AVAST Software
2018-02-26 22:36:59 ----D---- C:\Users\Přema\AppData\Roaming\EPSON
2018-02-23 20:20:05 ----D---- C:\Windows\system32\drivers\wd

======List of files/folders modified in the last 1 month======

2018-03-20 21:11:52 ----D---- C:\Windows\Prefetch
2018-03-20 21:11:44 ----RD---- C:\Program Files
2018-03-20 21:10:29 ----D---- C:\Windows
2018-03-20 21:09:19 ----D---- C:\Windows\Temp
2018-03-20 20:20:31 ----HD---- C:\Program Files\WindowsApps
2018-03-20 20:17:01 ----D---- C:\Windows\AppReadiness
2018-03-20 20:16:21 ----D---- C:\Windows\DeliveryOptimization
2018-03-20 20:15:50 ----D---- C:\Windows\system32\sru
2018-03-20 20:13:04 ----D---- C:\Program Files\Core Temp
2018-03-19 22:24:16 ----D---- C:\Windows\system32\drivers
2018-03-19 22:24:16 ----D---- C:\Windows\INF
2018-03-19 22:24:15 ----D---- C:\Windows\system32\DriverStore
2018-03-19 22:23:01 ----D---- C:\Windows\system32\catroot2
2018-03-19 22:22:50 ----SHD---- C:\System Volume Information
2018-03-19 22:22:08 ----D---- C:\Windows\system32\drivers\UMDF
2018-03-19 22:22:08 ----D---- C:\Windows\System32
2018-03-17 21:40:27 ----D---- C:\Windows\system32\SleepStudy
2018-03-16 17:52:15 ----SHD---- C:\Windows\Installer
2018-03-16 17:51:34 ----D---- C:\ProgramData\Microsoft Help
2018-03-16 17:51:22 ----RD---- C:\Windows\assembly
2018-03-15 22:29:39 ----D---- C:\Windows\Program Files\\Common Files\Microsoft Shared
2018-03-15 22:28:43 ----D---- C:\Windows\system32\Tasks
2018-03-14 20:55:16 ----D---- C:\Windows\system32\config
2018-03-14 20:52:36 ----D---- C:\Windows\Logs
2018-03-14 20:31:18 ----D---- C:\Windows\WinSxS
2018-03-14 20:30:34 ----D---- C:\Windows\rescache
2018-03-14 20:04:48 ----RD---- C:\Windows\Microsoft.NET
2018-03-14 19:53:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-03-13 23:55:19 ----D---- C:\Windows\TextInput
2018-03-13 23:55:19 ----D---- C:\Windows\system32\cs-CZ
2018-03-13 23:55:19 ----D---- C:\Windows\system32\appraiser
2018-03-13 23:55:18 ----D---- C:\Windows\ShellExperiences
2018-03-13 23:55:18 ----D---- C:\Windows\PolicyDefinitions
2018-03-13 23:55:18 ----D---- C:\Windows\AppPatch
2018-03-13 22:27:13 ----D---- C:\Windows\CbsTemp
2018-03-13 22:23:17 ----D---- C:\Windows\system32\MRT
2018-03-13 22:23:10 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-03-13 22:23:00 ----AC---- C:\Windows\system32\MRT.exe
2018-03-13 22:16:29 ----A---- C:\Windows\system32\Chakradiag.dll
2018-03-13 22:15:42 ----A---- C:\Windows\system32\vmbuspipe.dll
2018-03-10 20:52:24 ----D---- C:\KMPlayer
2018-03-07 18:02:44 ----D---- C:\Windows\system32\NDF
2018-03-05 20:37:22 ----D---- C:\Windows\system32\drivers\etc
2018-03-05 00:00:01 ----D---- C:\Windows\system32\LogFiles
2018-03-03 19:15:26 ----D---- C:\Windows\Minidump
2018-03-03 11:15:16 ----HD---- C:\ProgramData
2018-03-02 09:43:31 ----D---- C:\Windows\LiveKernelReports
2018-02-28 12:42:44 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-03-03 157368]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-03-03 276688]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-03-03 50336]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-03-03 70816]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-03-03 310784]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2017-09-29 43552]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2017-09-30 210328]
R0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2018-02-22 38304]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-03-03 167040]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-03-03 185432]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-03-03 169536]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-03-03 100032]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-03-03 783608]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-03-03 391856]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-01-01 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2017-09-29 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-01-01 7680]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2014-02-11 50400]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-03-03 124392]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-03-03 152344]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2018-02-10 308736]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2017-09-29 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2018-01-01 62976]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-16 19525104]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-16 542192]
R3 AtiHDAudioService;@oem2.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWT3.sys [2016-04-18 91160]
R3 dtlitescsibus;@oem8.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2018-02-13 26168]
R3 dtliteusbbus;@oem10.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2018-02-13 40504]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x86.sys [2017-09-29 504832]
R3 RtlWlanu;@netrtwlanu.inf,%RtlWlanu.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\System32\drivers\rtwlanu.sys [2017-09-29 4729856]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2017-09-29 102808]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2017-09-29 84376]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2017-09-29 56728]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2017-09-29 51608]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2017-09-29 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2017-09-29 32152]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2017-09-29 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2017-09-29 13312]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2017-09-30 92056]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2017-09-30 116632]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2017-09-30 109464]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-03-03 42808]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2017-09-29 27136]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2017-09-29 51608]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2017-09-29 98816]
S3 dg_ssudbus;@oem12.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 109456]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2018-02-13 17488]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2017-09-29 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2017-09-29 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2017-09-29 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2017-09-29 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2017-09-29 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2017-09-29 74240]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2017-09-29 57856]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2017-09-29 30208]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2017-09-29 19456]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-01-01 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2017-09-29 405024]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2017-09-29 42904]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2017-09-29 91648]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2017-09-29 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2017-09-29 71680]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 147344]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2017-10-25 79872]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\Windows\System32\Drivers\UcmTcpciCx.sys [2017-09-29 100864]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2018-02-22 39424]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2017-09-29 31744]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2017-09-29 204696]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2017-09-29 74272]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2017-09-29 107416]
S4 UevAgentDriver;@%systemroot%\system32\drivers\UevAgentDriver.sys,-101; C:\Windows\system32\drivers\UevAgentDriver.sys [2017-09-30 35736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-16 223216]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-04 284872]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-03 303728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R2 CDPUserSvc_3a301ab;Uživatelská služba platformy připojených zařízení_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2017-09-29 44520]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2017-09-29 44520]
R2 OneSyncSvc_3a301ab;Hostitel synchronizace_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-03-01 414824]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-03-03 5909888]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-02-12 3078848]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2017-09-29 44520]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 44520]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2017-09-29 44520]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R3 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2017-09-29 44520]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 DevicesFlowUserSvc_3a301ab;Tok zařízení_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 64000]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 MessagingService_3a301ab;Služba zasílání zpráv_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-01-24 175056]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 ose;Office Source Engine; C:\Windows\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 PimIndexMaintenanceSvc_3a301ab;Data kontaktů_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 PrintWorkflowUserSvc_3a301ab;PrintWorkflow_3a301ab; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-11-26 2891976]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-09-29 876544]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2018-03-01 661504]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\Windows\system32\TieringEngineService.exe [2017-09-29 265728]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2018-02-10 635800]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 44520]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\Windows\system32\svchost.exe [2017-09-29 44520]
S4 UevAgentService;@%systemroot%\system32\AgentService.exe,-102; C:\Windows\system32\AgentService.exe [2017-09-30 836096]

-----------------EOF-----------------

#2 Příspěvek od **Conder** » 20 bře 2018 21:45

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Scan (Skenovanie) a pockaj na dokoncenie
Klikni na Clean (Cistenie) a potvrd kliknutim na OK
AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Premek84 · #3 Příspěvek od **Premek84** » 20 bře 2018 22:27

ahoj...prikladam:

# AdwCleaner 7.0.8.0 - Logfile created on Tue Mar 20 21:11:58 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tweakbit.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tweakbit.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.slunecnice.cz
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\directx-11.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\directx-11.en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3718 B] - [2018/3/20 21:10:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#4 Příspěvek od **JaRon** » 21 bře 2018 11:37

len sa tak nezavazne zapojim

zaujimalo by ma, co kolegovi povies k tomuto adresaru

D---- C:\Program Files\KMSpico

Premek84 · #5 Příspěvek od **Premek84** » 21 bře 2018 20:25

Ahoj...asi k tomu není co říct...nemám slov...

#6 Příspěvek od **Conder** » 21 bře 2018 23:43

Operacny system teda nie je legalny?

Vid. pravidla:

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.)

Premek84 · #7 Příspěvek od **Premek84** » 22 bře 2018 20:42

Ne to v žádném případě! WIN mám s legální licencí! byl to jiný SW...už šel pryč... každopádně se zdá, že už ten prvotní návod výrazně pomohl...

#8 Příspěvek od **Conder** » 22 bře 2018 20:53

OK, docistime este zbytocnosti.

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Premek84 · #9 Příspěvek od **Premek84** » 22 bře 2018 21:17

Omlouvám se, ale tenhle odkaz nefunguje...

http://viry.xf.cz/pro_usery/FRSTLauncher.exe

#10 Příspěvek od **Conder** » 22 bře 2018 21:32

Pouzi teda iba samotny FRST, bez FRSTLauncheru.

Premek84 · #11 Příspěvek od **Premek84** » 22 bře 2018 21:56

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Přema (administrator) on DESKTOP-1LT8DTJ (22-03-2018 21:42:39)
Running from C:\Users\Přema\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: Přema (Available Profiles: Přema)
Platform: Microsoft Windows 10 Pro Version 1709 16299.309 (X86) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [488344 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-03] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [199680 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4201152 2018-02-12] (Disc Soft Ltd)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\MountPoints2: {3d78e6a2-101d-11e8-a3b5-001d7d01d63c} - "F:\setup.exe"
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [136192 2017-09-29] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{53735073-24ac-497d-882f-62e9569f45db}: [DhcpNameServer] 192.168.0.2

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1196086637-3924171293-559995789-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default [2018-03-22]
CHR Extension: (Prezentace) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-28]
CHR Extension: (Dokumenty) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-28]
CHR Extension: (Disk Google) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-28]
CHR Extension: (YouTube) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-28]
CHR Extension: (Tabulky) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-03]
CHR Extension: (Avast Online Security) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-28]
CHR Extension: (Gmail) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1196086637-3924171293-559995789-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [284872 2015-11-04] (Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5909888 2018-03-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-03] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3078848 2018-02-12] (Disc Soft Ltd)
S3 ose; C:\Windows\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [159960 2017-09-12] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2891976 2017-11-26] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [279264 2018-02-12] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [86552 2018-02-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-03-03] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-03-03] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-03-03] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-03-03] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-03-03] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [169536 2018-03-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-03-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-03-03] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100032 2018-03-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-03-03] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783608 2018-03-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391856 2018-03-03] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-03-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-03-03] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [26168 2018-02-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [40504 2018-02-13] (Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [17488 2018-02-13] (Windows (R) 2000 DDK provider)
R3 rt640x86; C:\Windows\System32\drivers\rt640x86.sys [504832 2017-09-29] (Realtek )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4729856 2017-09-29] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [174296 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182096 2018-01-15] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [38904 2018-02-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [238160 2018-02-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [93776 2018-02-12] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [186880 2017-09-29] (Microsoft Corporation)
R1 YSDrv; C:\Program Files\Bignox\BigNoxVM\RT\YSDrv.sys [220432 2018-02-12] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-20 22:08 - 2018-03-20 22:11 - 000000000 ____D C:\AdwCleaner
2018-03-20 21:19 - 2018-03-20 21:19 - 000359230 _____ C:\Users\Přema\Desktop\180320150345_0001.pdf
2018-03-20 21:11 - 2018-03-20 21:12 - 000000000 ____D C:\rsit
2018-03-20 21:11 - 2018-03-20 21:11 - 001107968 _____ C:\Users\Přema\Downloads\RSIT.exe
2018-03-20 21:11 - 2018-03-20 21:11 - 000000000 ____D C:\Program Files\trend micro
2018-03-20 21:10 - 2018-03-22 21:42 - 000000000 ____D C:\FRST
2018-03-20 21:09 - 2018-03-20 21:09 - 001764352 _____ (Farbar) C:\Users\Přema\Downloads\FRST.exe
2018-03-19 22:22 - 2018-03-19 22:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-03-17 21:53 - 2018-03-17 21:57 - 428792031 _____ C:\Users\Přema\Downloads\skupina pratel si uziva vikendovou swingers na zahrade hd.mp4
2018-03-17 10:45 - 2018-03-16 09:26 - 007799723 ____N C:\Users\Přema\Desktop\CCF1632018_0003.pdf
2018-03-17 10:45 - 2018-03-16 09:26 - 003465959 ____N C:\Users\Přema\Desktop\CCF1632018_0002.pdf
2018-03-17 10:45 - 2018-03-16 09:26 - 002705284 ____N C:\Users\Přema\Desktop\CCF1632018_0001.pdf
2018-03-16 20:58 - 2018-03-16 20:58 - 000000000 ____D C:\Users\Přema\AppData\Roaming\Macromedia
2018-03-15 22:29 - 2018-03-15 22:29 - 000000000 ____D C:\Windows\system32\appmgmt

2018-03-14 19:49 - 2018-03-02 22:09 - 000834552 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-03-14 19:49 - 2018-03-02 22:09 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2018-03-13 22:15 - 2018-03-01 07:43 - 006412192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-13 22:15 - 2018-03-01 07:37 - 000508312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-13 22:15 - 2018-03-01 07:35 - 000607640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-03-13 22:15 - 2018-03-01 07:35 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-13 22:15 - 2018-03-01 07:30 - 000339360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-03-13 22:15 - 2018-03-01 07:26 - 000040856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-13 22:15 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-03-13 22:15 - 2018-03-01 07:02 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-03-13 22:15 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-03-13 22:15 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-13 22:15 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-13 22:15 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-13 22:15 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-13 22:15 - 2018-03-01 06:50 - 001622528 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-03-13 22:15 - 2018-03-01 06:48 - 000676352 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-03-13 22:15 - 2018-02-22 01:43 - 000336800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-03-13 22:15 - 2018-02-22 01:43 - 000128408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-03-13 22:15 - 2018-02-22 01:43 - 000080800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-03-13 22:15 - 2018-02-22 01:42 - 000279448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-13 22:15 - 2018-02-22 01:42 - 000038304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-03-13 22:15 - 2018-02-22 01:19 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-03-13 22:14 - 2018-03-01 21:28 - 000661504 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-03-13 22:14 - 2018-03-01 07:56 - 000603544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 001328024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000517024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000221592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000119192 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-13 22:14 - 2018-03-01 07:51 - 001902488 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-13 22:14 - 2018-03-01 07:51 - 000542624 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-13 22:14 - 2018-03-01 07:51 - 000322464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-13 22:14 - 2018-03-01 07:51 - 000062360 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-03-13 22:14 - 2018-03-01 07:45 - 001933840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-13 22:14 - 2018-03-01 07:44 - 000253144 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-03-13 22:14 - 2018-03-01 07:41 - 000816632 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-13 22:14 - 2018-03-01 07:40 - 000030616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-03-13 22:14 - 2018-03-01 07:39 - 000350616 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-03-13 22:14 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 22:14 - 2018-03-01 07:35 - 000451480 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-03-13 22:14 - 2018-03-01 07:35 - 000195488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-13 22:14 - 2018-03-01 07:32 - 000414824 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-03-13 22:14 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-03-13 22:14 - 2018-03-01 07:30 - 002117536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-03-13 22:14 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 22:14 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-13 22:14 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000538760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-03-13 22:14 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-03-13 22:14 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-03-13 22:14 - 2018-03-01 07:25 - 000116120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-03-13 22:14 - 2018-03-01 07:25 - 000048024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-13 22:14 - 2018-03-01 07:24 - 000078232 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-03-13 22:14 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-03-13 22:14 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-03-13 22:14 - 2018-03-01 07:04 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-03-13 22:14 - 2018-03-01 07:03 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-03-13 22:14 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-03-13 22:14 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-13 22:14 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-13 22:14 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000539648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-03-13 22:14 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-03-13 22:14 - 2018-03-01 06:57 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-03-13 22:14 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-03-13 22:14 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-03-13 22:14 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-13 22:14 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 001132544 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-13 22:14 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-13 22:14 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-13 22:14 - 2018-03-01 06:49 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-03-13 22:14 - 2018-03-01 06:49 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-03-13 22:14 - 2018-03-01 06:48 - 001652224 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-03-13 22:14 - 2018-03-01 06:48 - 000650240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-03-13 22:14 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-13 22:14 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-03-13 22:14 - 2018-03-01 06:45 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-13 22:14 - 2018-02-22 02:23 - 000239000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-03-13 22:14 - 2018-02-22 01:54 - 000233376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-03-13 22:14 - 2018-02-22 01:50 - 000156056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-03-13 22:14 - 2018-02-22 01:48 - 000081824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-03-13 22:14 - 2018-02-22 01:48 - 000065432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-13 22:14 - 2018-02-22 01:46 - 000155552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-03-13 22:14 - 2018-02-22 01:45 - 000454048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-03-13 22:14 - 2018-02-22 01:43 - 000534944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-03-13 22:14 - 2018-02-22 01:42 - 000433568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-03-13 22:14 - 2018-02-22 01:42 - 000186784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-03-13 22:14 - 2018-02-22 01:42 - 000076192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-03-13 22:14 - 2018-02-22 01:18 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-03-13 22:14 - 2018-02-22 01:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-03-13 22:14 - 2018-02-22 01:17 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-03-13 22:14 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-03-13 22:14 - 2018-02-22 01:16 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-03-13 22:14 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-03-03 11:16 - 2018-03-03 11:16 - 000000000 ____D C:\Windows\Program Files\\Common Files\Java
2018-03-03 11:15 - 2018-03-03 11:19 - 000000000 ____D C:\ProgramData\Oracle
2018-03-03 11:15 - 2018-03-03 11:15 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Users\Přema\AppData\Roaming\Sun
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Users\Přema\AppData\LocalLow\Sun
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Program Files\Java
2018-03-03 11:01 - 2018-03-03 11:01 - 084046192 _____ (NVIDIA Corporation) C:\Users\Přema\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-03-03 10:46 - 2018-03-03 10:46 - 000319392 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-02 22:10 - 2018-03-02 22:10 - 000002832 _____ C:\Users\Přema\Unigine_Heaven_Benchmark_4.0_20180302_2210.html
2018-03-02 22:04 - 2018-03-15 22:29 - 000000000 ____D C:\Users\Přema\Heaven
2018-03-02 22:01 - 2018-03-02 22:10 - 001065984 _____ C:\Users\Přema\AppData\Local\file__0.localstorage
2018-03-02 21:50 - 2018-03-02 21:53 - 258726655 _____ (Unigine Corp. ) C:\Users\Přema\Downloads\Unigine_Heaven-4.0.exe
2018-03-01 20:26 - 2018-03-01 20:34 - 404815682 _____ C:\Users\Přema\Downloads\Ulice 3414 dil HD.mp4
2018-02-28 16:11 - 2018-02-28 16:11 - 000000000 ___HD C:\$AV_ASW
2018-02-28 12:42 - 2018-03-22 17:15 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 12:42 - 2018-03-22 17:15 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-28 12:37 - 2018-03-03 10:46 - 000055160 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-02-28 12:37 - 2018-02-28 12:37 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-02-28 12:37 - 2018-02-28 12:37 - 000000000 ____D C:\Users\Přema\AppData\Roaming\AVAST Software
2018-02-28 12:37 - 2018-02-28 12:37 - 000000000 ____D C:\Users\Přema\AppData\Local\CEF
2018-02-28 12:36 - 2018-03-03 10:46 - 000783608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000276688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000185432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000169536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000157368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000152344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000100032 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000050336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-02-28 12:36 - 2018-02-28 12:36 - 001142072 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2018-02-28 12:36 - 2018-02-28 12:36 - 000000000 ____D C:\Windows\Program Files\\Common Files\AVAST Software
2018-02-28 12:32 - 2018-02-28 17:56 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-28 12:32 - 2018-02-28 12:32 - 000000000 ____D C:\Program Files\AVAST Software
2018-02-26 22:36 - 2018-02-26 22:36 - 000000000 ____D C:\Users\Přema\AppData\Roaming\EPSON
2018-02-26 21:54 - 2018-02-26 21:55 - 200503767 _____ C:\Users\Přema\Downloads\Ulice 3411 dil.mp4
2018-02-25 20:33 - 2018-02-25 20:35 - 404815652 _____ C:\Users\Přema\Downloads\Ulice 3411 dil HD.mp4
2018-02-25 20:25 - 2018-02-25 20:27 - 401544258 _____ C:\Users\Přema\Downloads\Ulice 3410 dil HD.mp4
2018-02-25 20:19 - 2018-02-25 20:23 - 411914513 _____ C:\Users\Přema\Downloads\Ulice 3409 HD.mp4
2018-02-23 20:20 - 2018-02-23 20:20 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-22 20:54 - 2018-02-12 20:10 - 000000000 ___RD C:\Users\Přema\Disk Google
2018-03-22 20:49 - 2018-02-12 19:02 - 000000000 ____D C:\Users\Přema\AppData\LocalLow\Mozilla
2018-03-22 20:40 - 2018-02-12 20:47 - 000000000 ____D C:\Program Files\Core Temp
2018-03-22 18:04 - 2017-09-30 13:07 - 001124336 _____ C:\Windows\system32\perfh005.dat
2018-03-22 18:04 - 2017-09-30 13:07 - 000267390 _____ C:\Windows\system32\perfc005.dat
2018-03-22 18:04 - 2017-09-29 02:08 - 002488264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-22 17:58 - 2017-09-29 01:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-22 17:57 - 2017-09-29 06:31 - 000524288 _____ C:\Windows\system32\config\BBI
2018-03-22 17:53 - 2017-09-29 01:53 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-03-22 17:19 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-03-22 17:18 - 2017-09-29 12:55 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-22 17:18 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\AppReadiness
2018-03-21 21:59 - 2017-09-29 02:09 - 000000000 ____D C:\Users\Přema\AppData\Local\Packages
2018-03-20 22:13 - 2017-09-29 01:53 - 000344704 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-19 22:24 - 2017-09-29 12:52 - 000000000 ____D C:\Windows\INF
2018-03-15 22:29 - 2018-02-12 18:38 - 000000000 ____D C:\Windows\Program Files\\Common Files\Microsoft Shared
2018-03-14 20:30 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\rescache
2018-03-14 20:01 - 2018-02-12 18:26 - 000000000 ____D C:\Users\Přema\AppData\Local\ElevatedDiagnostics
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\TextInput
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\ShellExperiences
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-13 22:27 - 2017-09-29 12:45 - 000000000 ____D C:\Windows\CbsTemp
2018-03-13 22:26 - 2018-02-12 18:30 - 000000000 ____D C:\Windows\system32\MRT
2018-03-13 22:23 - 2018-02-12 18:30 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-13 22:23 - 2018-02-12 18:30 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-13 22:22 - 2018-02-14 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-03-13 22:16 - 2017-09-29 12:49 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-03-13 22:16 - 2017-09-29 12:49 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000075296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000048536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000038944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000028056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000022400 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-03-13 22:15 - 2017-09-29 12:49 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-03-07 18:03 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\system32\NDF
2018-03-06 23:49 - 2017-09-29 02:09 - 000000000 ____D C:\Users\Přema
2018-03-04 00:11 - 2018-02-13 07:07 - 000000000 ____D C:\Users\Přema\Documents\My Games
2018-03-03 19:15 - 2017-09-29 02:22 - 000000000 ____D C:\Windows\Minidump
2018-03-02 09:43 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\LiveKernelReports
2018-02-28 12:50 - 2018-02-12 19:09 - 000000000 ____D C:\Users\Přema\AppData\Local\Google
2018-02-28 12:42 - 2018-02-12 19:11 - 000000000 ____D C:\Program Files\Google
2018-02-25 21:50 - 2018-02-14 22:58 - 000000000 ____D C:\Users\Přema\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2018-02-13 07:01 - 2017-11-14 20:02 - 001366532 _____ () C:\Users\Přema\steam_api.dll
2018-03-02 22:01 - 2018-03-02 22:10 - 001065984 _____ () C:\Users\Přema\AppData\Local\file__0.localstorage

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-14 20:01

==================== End of FRST.txt ============================

Premek84 · #12 Příspěvek od **Premek84** » 22 bře 2018 21:56

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14.03.2018
Ran by Přema (administrator) on DESKTOP-1LT8DTJ (22-03-2018 21:42:39)
Running from C:\Users\Přema\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: Přema (Available Profiles: Přema)
Platform: Microsoft Windows 10 Pro Version 1709 16299.309 (X86) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [488344 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-03] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Windows\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [EPSON SX110 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE [199680 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4201152 2018-02-12] (Disc Soft Ltd)
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\...\MountPoints2: {3d78e6a2-101d-11e8-a3b5-001d7d01d63c} - "F:\setup.exe"
HKU\S-1-5-21-1196086637-3924171293-559995789-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [136192 2017-09-29] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{53735073-24ac-497d-882f-62e9569f45db}: [DhcpNameServer] 192.168.0.2

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1196086637-3924171293-559995789-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-03-03] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-03] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-03] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-12] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default [2018-03-22]
CHR Extension: (Prezentace) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-28]
CHR Extension: (Dokumenty) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-28]
CHR Extension: (Disk Google) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-28]
CHR Extension: (YouTube) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-28]
CHR Extension: (Tabulky) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-03]
CHR Extension: (Avast Online Security) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-28]
CHR Extension: (Gmail) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Přema\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-22]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1196086637-3924171293-559995789-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [284872 2015-11-04] (Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5909888 2018-03-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-03] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3078848 2018-02-12] (Disc Soft Ltd)
S3 ose; C:\Windows\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [159960 2017-09-12] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2891976 2017-11-26] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [279264 2018-02-12] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [86552 2018-02-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167040 2018-03-03] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [185432 2018-03-03] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157368 2018-03-03] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276688 2018-03-03] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50336 2018-03-03] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [169536 2018-03-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-03-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-03-03] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100032 2018-03-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-03-03] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783608 2018-03-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391856 2018-03-03] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [152344 2018-03-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-03-03] (AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [26168 2018-02-13] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [40504 2018-02-13] (Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [17488 2018-02-13] (Windows (R) 2000 DDK provider)
R3 rt640x86; C:\Windows\System32\drivers\rt640x86.sys [504832 2017-09-29] (Realtek )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [4729856 2017-09-29] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [174296 2018-01-15] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [182096 2018-01-15] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [38904 2018-02-12] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [238160 2018-02-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [93776 2018-02-12] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [186880 2017-09-29] (Microsoft Corporation)
R1 YSDrv; C:\Program Files\Bignox\BigNoxVM\RT\YSDrv.sys [220432 2018-02-12] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-20 22:08 - 2018-03-20 22:11 - 000000000 ____D C:\AdwCleaner
2018-03-20 21:19 - 2018-03-20 21:19 - 000359230 _____ C:\Users\Přema\Desktop\180320150345_0001.pdf
2018-03-20 21:11 - 2018-03-20 21:12 - 000000000 ____D C:\rsit
2018-03-20 21:11 - 2018-03-20 21:11 - 001107968 _____ C:\Users\Přema\Downloads\RSIT.exe
2018-03-20 21:11 - 2018-03-20 21:11 - 000000000 ____D C:\Program Files\trend micro
2018-03-20 21:10 - 2018-03-22 21:42 - 000000000 ____D C:\FRST
2018-03-20 21:09 - 2018-03-20 21:09 - 001764352 _____ (Farbar) C:\Users\Přema\Downloads\FRST.exe
2018-03-19 22:22 - 2018-03-19 22:22 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-03-17 21:53 - 2018-03-17 21:57 - 428792031 _____ C:\Users\Přema\Downloads\skupina pratel si uziva vikendovou swingers na zahrade hd.mp4
2018-03-17 10:45 - 2018-03-16 09:26 - 007799723 ____N C:\Users\Přema\Desktop\CCF1632018_0003.pdf
2018-03-17 10:45 - 2018-03-16 09:26 - 003465959 ____N C:\Users\Přema\Desktop\CCF1632018_0002.pdf
2018-03-17 10:45 - 2018-03-16 09:26 - 002705284 ____N C:\Users\Přema\Desktop\CCF1632018_0001.pdf
2018-03-16 20:58 - 2018-03-16 20:58 - 000000000 ____D C:\Users\Přema\AppData\Roaming\Macromedia
2018-03-15 22:29 - 2018-03-15 22:29 - 000000000 ____D C:\Windows\system32\appmgmt

2018-03-14 19:49 - 2018-03-02 22:09 - 000834552 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-03-14 19:49 - 2018-03-02 22:09 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2018-03-13 22:15 - 2018-03-01 07:43 - 006412192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-03-13 22:15 - 2018-03-01 07:37 - 000508312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-13 22:15 - 2018-03-01 07:35 - 000607640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-03-13 22:15 - 2018-03-01 07:35 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-13 22:15 - 2018-03-01 07:30 - 000339360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-03-13 22:15 - 2018-03-01 07:26 - 000040856 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-03-13 22:15 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-03-13 22:15 - 2018-03-01 07:02 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-03-13 22:15 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-03-13 22:15 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-13 22:15 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-13 22:15 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-13 22:15 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-13 22:15 - 2018-03-01 06:50 - 001622528 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-03-13 22:15 - 2018-03-01 06:48 - 000676352 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-03-13 22:15 - 2018-02-22 01:43 - 000336800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-03-13 22:15 - 2018-02-22 01:43 - 000128408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-03-13 22:15 - 2018-02-22 01:43 - 000080800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-03-13 22:15 - 2018-02-22 01:42 - 000279448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-13 22:15 - 2018-02-22 01:42 - 000038304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-03-13 22:15 - 2018-02-22 01:19 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-03-13 22:14 - 2018-03-01 21:28 - 000661504 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-03-13 22:14 - 2018-03-01 07:56 - 000603544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 001328024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000517024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000221592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-13 22:14 - 2018-03-01 07:52 - 000119192 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-13 22:14 - 2018-03-01 07:51 - 001902488 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-13 22:14 - 2018-03-01 07:51 - 000542624 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-13 22:14 - 2018-03-01 07:51 - 000322464 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-13 22:14 - 2018-03-01 07:51 - 000062360 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-03-13 22:14 - 2018-03-01 07:45 - 001933840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-13 22:14 - 2018-03-01 07:44 - 000253144 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-03-13 22:14 - 2018-03-01 07:41 - 000816632 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-13 22:14 - 2018-03-01 07:40 - 000030616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-03-13 22:14 - 2018-03-01 07:39 - 000350616 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-03-13 22:14 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-03-13 22:14 - 2018-03-01 07:35 - 000451480 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-03-13 22:14 - 2018-03-01 07:35 - 000195488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-13 22:14 - 2018-03-01 07:32 - 000414824 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-03-13 22:14 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-03-13 22:14 - 2018-03-01 07:30 - 002117536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-03-13 22:14 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 22:14 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-13 22:14 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000538760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-03-13 22:14 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-03-13 22:14 - 2018-03-01 07:27 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-03-13 22:14 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-03-13 22:14 - 2018-03-01 07:25 - 000116120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-03-13 22:14 - 2018-03-01 07:25 - 000048024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-13 22:14 - 2018-03-01 07:24 - 000078232 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-03-13 22:14 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-03-13 22:14 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-03-13 22:14 - 2018-03-01 07:04 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-03-13 22:14 - 2018-03-01 07:03 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-03-13 22:14 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-03-13 22:14 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-03-13 22:14 - 2018-03-01 07:01 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-03-13 22:14 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-13 22:14 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-13 22:14 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000539648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-03-13 22:14 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-03-13 22:14 - 2018-03-01 06:58 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-03-13 22:14 - 2018-03-01 06:57 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-03-13 22:14 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-03-13 22:14 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-03-13 22:14 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-13 22:14 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-03-13 22:14 - 2018-03-01 06:52 - 001132544 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-13 22:14 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-13 22:14 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-13 22:14 - 2018-03-01 06:49 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-03-13 22:14 - 2018-03-01 06:49 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-03-13 22:14 - 2018-03-01 06:48 - 001652224 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-03-13 22:14 - 2018-03-01 06:48 - 000650240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-03-13 22:14 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-13 22:14 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-03-13 22:14 - 2018-03-01 06:45 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-13 22:14 - 2018-02-22 02:23 - 000239000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-03-13 22:14 - 2018-02-22 01:54 - 000233376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-03-13 22:14 - 2018-02-22 01:50 - 000156056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-03-13 22:14 - 2018-02-22 01:48 - 000081824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-03-13 22:14 - 2018-02-22 01:48 - 000065432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-13 22:14 - 2018-02-22 01:46 - 000155552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-03-13 22:14 - 2018-02-22 01:45 - 000454048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-03-13 22:14 - 2018-02-22 01:43 - 000534944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-03-13 22:14 - 2018-02-22 01:42 - 000433568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-03-13 22:14 - 2018-02-22 01:42 - 000186784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-03-13 22:14 - 2018-02-22 01:42 - 000076192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-03-13 22:14 - 2018-02-22 01:18 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-03-13 22:14 - 2018-02-22 01:18 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-03-13 22:14 - 2018-02-22 01:17 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-03-13 22:14 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-03-13 22:14 - 2018-02-22 01:16 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-03-13 22:14 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-03-03 11:16 - 2018-03-03 11:16 - 000000000 ____D C:\Windows\Program Files\\Common Files\Java
2018-03-03 11:15 - 2018-03-03 11:19 - 000000000 ____D C:\ProgramData\Oracle
2018-03-03 11:15 - 2018-03-03 11:15 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Users\Přema\AppData\Roaming\Sun
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Users\Přema\AppData\LocalLow\Sun
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-03-03 11:15 - 2018-03-03 11:15 - 000000000 ____D C:\Program Files\Java
2018-03-03 11:01 - 2018-03-03 11:01 - 084046192 _____ (NVIDIA Corporation) C:\Users\Přema\Downloads\GeForce_Experience_v3.12.0.84.exe
2018-03-03 10:46 - 2018-03-03 10:46 - 000319392 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-02 22:10 - 2018-03-02 22:10 - 000002832 _____ C:\Users\Přema\Unigine_Heaven_Benchmark_4.0_20180302_2210.html
2018-03-02 22:04 - 2018-03-15 22:29 - 000000000 ____D C:\Users\Přema\Heaven
2018-03-02 22:01 - 2018-03-02 22:10 - 001065984 _____ C:\Users\Přema\AppData\Local\file__0.localstorage
2018-03-02 21:50 - 2018-03-02 21:53 - 258726655 _____ (Unigine Corp. ) C:\Users\Přema\Downloads\Unigine_Heaven-4.0.exe
2018-03-01 20:26 - 2018-03-01 20:34 - 404815682 _____ C:\Users\Přema\Downloads\Ulice 3414 dil HD.mp4
2018-02-28 16:11 - 2018-02-28 16:11 - 000000000 ___HD C:\$AV_ASW
2018-02-28 12:42 - 2018-03-22 17:15 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 12:42 - 2018-03-22 17:15 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-28 12:37 - 2018-03-03 10:46 - 000055160 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-02-28 12:37 - 2018-02-28 12:37 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-02-28 12:37 - 2018-02-28 12:37 - 000000000 ____D C:\Users\Přema\AppData\Roaming\AVAST Software
2018-02-28 12:37 - 2018-02-28 12:37 - 000000000 ____D C:\Users\Přema\AppData\Local\CEF
2018-02-28 12:36 - 2018-03-03 10:46 - 000783608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000276688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblogx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000185432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000169536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000167040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000157368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidshx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000152344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000100032 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000050336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbunivx.sys
2018-02-28 12:36 - 2018-03-03 10:46 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-02-28 12:36 - 2018-02-28 12:36 - 001142072 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2018-02-28 12:36 - 2018-02-28 12:36 - 000000000 ____D C:\Windows\Program Files\\Common Files\AVAST Software
2018-02-28 12:32 - 2018-02-28 17:56 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-28 12:32 - 2018-02-28 12:32 - 000000000 ____D C:\Program Files\AVAST Software
2018-02-26 22:36 - 2018-02-26 22:36 - 000000000 ____D C:\Users\Přema\AppData\Roaming\EPSON
2018-02-26 21:54 - 2018-02-26 21:55 - 200503767 _____ C:\Users\Přema\Downloads\Ulice 3411 dil.mp4
2018-02-25 20:33 - 2018-02-25 20:35 - 404815652 _____ C:\Users\Přema\Downloads\Ulice 3411 dil HD.mp4
2018-02-25 20:25 - 2018-02-25 20:27 - 401544258 _____ C:\Users\Přema\Downloads\Ulice 3410 dil HD.mp4
2018-02-25 20:19 - 2018-02-25 20:23 - 411914513 _____ C:\Users\Přema\Downloads\Ulice 3409 HD.mp4
2018-02-23 20:20 - 2018-02-23 20:20 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-22 20:54 - 2018-02-12 20:10 - 000000000 ___RD C:\Users\Přema\Disk Google
2018-03-22 20:49 - 2018-02-12 19:02 - 000000000 ____D C:\Users\Přema\AppData\LocalLow\Mozilla
2018-03-22 20:40 - 2018-02-12 20:47 - 000000000 ____D C:\Program Files\Core Temp
2018-03-22 18:04 - 2017-09-30 13:07 - 001124336 _____ C:\Windows\system32\perfh005.dat
2018-03-22 18:04 - 2017-09-30 13:07 - 000267390 _____ C:\Windows\system32\perfc005.dat
2018-03-22 18:04 - 2017-09-29 02:08 - 002488264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-22 17:58 - 2017-09-29 01:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-22 17:57 - 2017-09-29 06:31 - 000524288 _____ C:\Windows\system32\config\BBI
2018-03-22 17:53 - 2017-09-29 01:53 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-03-22 17:19 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-03-22 17:18 - 2017-09-29 12:55 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-22 17:18 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\AppReadiness
2018-03-21 21:59 - 2017-09-29 02:09 - 000000000 ____D C:\Users\Přema\AppData\Local\Packages
2018-03-20 22:13 - 2017-09-29 01:53 - 000344704 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-19 22:24 - 2017-09-29 12:52 - 000000000 ____D C:\Windows\INF
2018-03-15 22:29 - 2018-02-12 18:38 - 000000000 ____D C:\Windows\Program Files\\Common Files\Microsoft Shared
2018-03-14 20:30 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\rescache
2018-03-14 20:01 - 2018-02-12 18:26 - 000000000 ____D C:\Users\Přema\AppData\Local\ElevatedDiagnostics
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\TextInput
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\ShellExperiences
2018-03-13 23:55 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-13 22:27 - 2017-09-29 12:45 - 000000000 ____D C:\Windows\CbsTemp
2018-03-13 22:26 - 2018-02-12 18:30 - 000000000 ____D C:\Windows\system32\MRT
2018-03-13 22:23 - 2018-02-12 18:30 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-13 22:23 - 2018-02-12 18:30 - 127391104 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-03-13 22:22 - 2018-02-14 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-03-13 22:16 - 2017-09-29 12:49 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-03-13 22:16 - 2017-09-29 12:49 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000075296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000048536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000038944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000028056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000022400 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-03-13 22:15 - 2017-09-29 12:49 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-03-13 22:15 - 2017-09-29 12:49 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-03-07 18:03 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\system32\NDF
2018-03-06 23:49 - 2017-09-29 02:09 - 000000000 ____D C:\Users\Přema
2018-03-04 00:11 - 2018-02-13 07:07 - 000000000 ____D C:\Users\Přema\Documents\My Games
2018-03-03 19:15 - 2017-09-29 02:22 - 000000000 ____D C:\Windows\Minidump
2018-03-02 09:43 - 2017-09-29 12:55 - 000000000 ____D C:\Windows\LiveKernelReports
2018-02-28 12:50 - 2018-02-12 19:09 - 000000000 ____D C:\Users\Přema\AppData\Local\Google
2018-02-28 12:42 - 2018-02-12 19:11 - 000000000 ____D C:\Program Files\Google
2018-02-25 21:50 - 2018-02-14 22:58 - 000000000 ____D C:\Users\Přema\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2018-02-13 07:01 - 2017-11-14 20:02 - 001366532 _____ () C:\Users\Přema\steam_api.dll
2018-03-02 22:01 - 2018-03-02 22:10 - 001065984 _____ () C:\Users\Přema\AppData\Local\file__0.localstorage

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-14 20:01

==================== End of FRST.txt ============================

Premek84 · #13 Příspěvek od **Premek84** » 22 bře 2018 22:05

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14.03.2018
Ran by Přema (22-03-2018 21:44:01)
Running from C:\Users\Přema\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Microsoft Windows 10 Pro Version 1709 16299.309 (X86) (2017-09-29 01:04:25)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1196086637-3924171293-559995789-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1196086637-3924171293-559995789-503 - Limited - Disabled)
Guest (S-1-5-21-1196086637-3924171293-559995789-501 - Limited - Disabled)
Přema (S-1-5-21-1196086637-3924171293-559995789-1001 - Administrator - Enabled) => C:\Users\Přema
WDAGUtilityAccount (S-1-5-21-1196086637-3924171293-559995789-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Backup and Sync from Google (HKLM\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.1.0341 - Disc Soft Ltd)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Updte Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
Nox APP Player (HKLM\...\Nox) (Version: 6.0.5.2 - Duodian Technology Co. Ltd.)
Odinstalace tiskárny EPSON SX110 Series (HKLM\...\EPSON SX110 Series) (Version: - SEIKO EPSON Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
Oracle VM VirtualBox 5.2.6 (HKLM\...\{177A97F6-18F2-4FCC-BD34-FF99DE84F899}) (Version: 5.2.6 - Oracle Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Přema\AppData\Local\Microsoft\OneDrive\17.005.0107.0008_1\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{4EDE09DD-0761-4ABF-8DAD-1444A02C54A1}\localserver32 -> "C:\Program Files\brother\Ptedit52\ptedit52.exe" => No File
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Přema\AppData\Local\Microsoft\OneDrive\17.005.0107.0008_1\FileSyncShell.dll => No File
CustomCLSID: HKU\S-1-5-21-1196086637-3924171293-559995789-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Přema\AppData\Local\Microsoft\OneDrive\17.005.0107.0008_1\FileSyncShell.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-03] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-03] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-01-29] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl32.dll [2018-02-12] (Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-03] (AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl32.dll [2018-02-12] (Disc Soft Ltd)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-01-29] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-03-03] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D3472D2-558B-4BE2-957C-77052845A410} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-03] (AVAST Software)
Task: {175B50CA-B60B-401F-812E-4A72F27EFE82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-12] (Google Inc.)
Task: {2D73C99C-F706-48DF-9C7F-C6C0114EA24B} - System32\Tasks\Core Temp Autostart Přema => C:\Program Files\Core Temp\Core Temp.exe [2017-11-04] (ALCPU)
Task: {32F5D831-F394-4965-B5BD-7BF7276BDA4B} - System32
Task: {557B4561-4E18-4F6D-8DDF-3AFE600397B0} - System32\Tasks\Avast Software\Overseer => C:\Windows\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-02-28] (AVAST Software)
Task: {853B658B-4484-4FBA-880F-3D7EBD2EABA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-02-12] (Google Inc.)
Task: {FB49DD3B-A3C4-4ACE-887E-90CEE039731F} - System32\Tasks\WinMgr => C:\Windows\\que.vbs

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-04 16:43 - 2015-11-04 16:43 - 000114688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-03-13 22:14 - 2018-02-22 01:12 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-13 22:14 - 2018-02-22 01:09 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 000095744 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-03-03 19:17 - 2018-03-03 19:17 - 003621888 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DiscSoft.NET.Common\d5f5f34ca30f6199dd16e655fd292edd\DiscSoft.NET.Common.ni.dll
2018-03-22 20:40 - 2018-03-22 20:40 - 000088064 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_ctypes.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000069120 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\bz2.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000920064 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_hashlib.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000098816 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32api.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000110080 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\pywintypes27.dll
2018-03-22 20:40 - 2018-03-22 20:40 - 000364544 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\pythoncom27.dll
2018-03-22 20:40 - 2018-03-22 20:40 - 000686080 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\unicodedata.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000320512 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32com.shell.shell.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 001177088 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._core_.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000806912 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._gdi_.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000816640 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._windows_.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 001067520 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._controls_.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000733696 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._misc_.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000736256 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\pysqlite2._sqlite.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000119808 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32file.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000108544 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32security.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000007168 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\hashobjs_ext.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000017920 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\thumbnails_ext.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000082432 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\usb_ext.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000013824 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\common.time34.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000018432 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32event.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000027648 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\windows.conditional.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000017408 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\windows.winwrap.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000089088 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\windows.volumes.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000167936 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32gui.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000046080 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_socket.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 001311232 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_ssl.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000135680 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_elementtree.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000133632 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\pyexpat.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000038912 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32inet.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000077824 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\wx._html2.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000036864 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_psutil_windows.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000524248 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\windows._lib_cacheinvalidation.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000010240 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\select.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000011264 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32crypt.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000218624 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\PIL._imaging.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000027648 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_multiprocessing.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000020480 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\_yappi.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000035840 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32process.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000024064 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32pipe.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000025600 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32pdh.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000059392 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\windows.device_monitor.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000017408 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32profile.pyd
2018-03-22 20:40 - 2018-03-22 20:40 - 000022528 _____ () C:\Users\Přema\AppData\Local\Temp\_MEI81122\win32ts.pyd
2018-03-03 10:46 - 2018-03-03 10:46 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-03 10:46 - 2018-03-03 10:46 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-03 10:46 - 2018-03-03 10:46 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-03 10:46 - 2018-03-03 10:46 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 12:55 - 2017-09-29 12:52 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1196086637-3924171293-559995789-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{44571082-B002-44F0-A048-A0A1CF435164}] => (Allow) C:\Program Files\Nox\bin\Nox.exe
FirewallRules: [{42C8CBDE-CB2D-4047-9F53-C0112EAA754D}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{F17ABBBA-EC87-4F94-8CFD-CEB7181968A5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
FirewallRules: [TCP Query User{08FD1AA1-4E0E-4DC5-811E-C96FC875B50D}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{33013579-C74F-49B4-9DF5-E84E7CABE719}C:\program files\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files\gigabyte\@bios\gwflash.exe
FirewallRules: [VIRTCL-WMI-RPCSS-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-WINMGMT-In-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-WINMGMT-Out-TCP-NoScope] => (Allow) $(runtime.system32)\svchost.exe
FirewallRules: [VIRTCL-WMI-ASYNC-In-TCP-NoScope] => (Allow) $(runtime.system32)\wbem\unsecapp.exe
FirewallRules: [{CE0936AE-3DAE-4F77-A20F-9CCEA47A8693}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{07907C73-B04F-4C64-84F7-379F72D0934A}C:\users\přema\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\přema\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [UDP Query User{843D9F45-A9F7-4D75-8FD8-E39FE52704B8}C:\users\přema\appdata\local\temp\kmsnano\qemu-system-i386.exe] => (Allow) C:\users\přema\appdata\local\temp\kmsnano\qemu-system-i386.exe
FirewallRules: [{44CE6724-C03D-4AF8-887D-84D3BA4D9DEE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

03-03-2018 20:11:57 Naplánovaný kontrolní bod
13-03-2018 22:13:41 Windows Update
19-03-2018 22:22:31 Windows Update

==================== Faulty Device Manager Devices =============

Name: Vstupní zařízení pro sběrnici PCI
Description: Vstupní zařízení pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2018 09:44:31 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:31 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:31 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:31 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <MSSearch.IpsPi> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:31 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Správce modulu plug-in <MSSearch.IpsPi> nebyl inicializován.

Kontext: aplikace Windows

Podrobnosti:
(HRESULT : 0x80040154) (0x80040154)

Error: (03/22/2018 09:44:28 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:28 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

Error: (03/22/2018 09:44:28 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexovacího modulu nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Zadaný objekt nebyl nalezen. Zadejte název existujícího objektu. (HRESULT : 0x80040d06) (0x80040d06)

System errors:
=============
Error: (03/22/2018 09:44:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 166krát.

Error: (03/22/2018 09:44:28 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (03/22/2018 09:44:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 165krát.

Error: (03/22/2018 09:44:23 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (03/22/2018 09:43:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 164krát.

Error: (03/22/2018 09:43:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Error: (03/22/2018 09:43:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Search byla neočekávaně ukončena. Tento stav nastal již 163krát.

Error: (03/22/2018 09:43:06 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search skončila s následující chybou specifickou pro službu:
%%2147749126

Windows Defender:
===================================
Date: 2018-02-28 11:27:43.912
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:PowerShell/PsAttack.B
ID: 2147726038
Závažnost: Střední
Kategorie: Nástroj
Cesta: amsi:_PowerShell_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.150000000000000001;file:_C:\Windows\whats.txt->[EmbeddedEnc]->(Base64)->(UTF-16LE);file:_C:\Windows\whats.txt->[PowEncCmdFile]->(UTF-16LE)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.261.1676.0, AS: 1.261.1676.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-28 11:27:39.614
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:PowerShell/PsAttack.B
ID: 2147726038
Závažnost: Střední
Kategorie: Nástroj
Cesta: amsi:_PowerShell_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.150000000000000001;file:_C:\Windows\whats.txt->[EmbeddedEnc]->(Base64)->(UTF-16LE);file:_C:\Windows\whats.txt->[PowEncCmdFile]->(UTF-16LE)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.261.1676.0, AS: 1.261.1676.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-28 11:27:36.943
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:PowerShell/PsAttack.B
ID: 2147726038
Závažnost: Střední
Kategorie: Nástroj
Cesta: amsi:_PowerShell_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.150000000000000001;file:_C:\Windows\whats.txt->[EmbeddedEnc]->(Base64)->(UTF-16LE);file:_C:\Windows\whats.txt->[PowEncCmdFile]->(UTF-16LE)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.261.1676.0, AS: 1.261.1676.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-27 19:57:20.040
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:PowerShell/PsAttack.B
ID: 2147726038
Závažnost: Střední
Kategorie: Nástroj
Cesta: amsi:_PowerShell_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.150000000000000001;file:_C:\Windows\whats.txt->[EmbeddedEnc]->(Base64)->(UTF-16LE);file:_C:\Windows\whats.txt->[PowEncCmdFile]->(UTF-16LE)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze podpisu: AV: 1.261.1633.0, AS: 1.261.1633.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-27 19:57:16.368
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:PowerShell/PsAttack.B
ID: 2147726038
Závažnost: Střední
Kategorie: Nástroj
Cesta: amsi:_PowerShell_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.150000000000000001;file:_C:\Windows\whats.txt->[EmbeddedEnc]->(Base64)->(UTF-16LE);file:_C:\Windows\whats.txt->[PowEncCmdFile]->(UTF-16LE)
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.261.1633.0, AS: 1.261.1633.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-12 07:42:36.558
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-12 07:42:36.557
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 116.1.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.13804.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-12 07:42:36.548
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-12 07:42:36.547
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2018-02-12 07:42:36.546
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

Processor: AMD Phenom(tm) 9550 Quad-Core Processor
Percentage of memory in use: 63%
Total physical RAM: 3326.49 MB
Available physical RAM: 1201.92 MB
Total Virtual: 5374.49 MB
Available Virtual: 2682.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:830.26 GB) NTFS
Drive f: (Farming Simulator 15) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
Drive g: (bigescavator1.4) (CDROM) (Total:0.17 GB) (Free:0 GB) UDF

\\?\Volume{db16416b-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DB16416B)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#14 Příspěvek od **Conder** » 23 bře 2018 14:48

Upravoval si tie logy predtym ako si ich sem poslal?

VIRY.CZ

Najednou hrozně pomalé PC...

Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...

Re: Najednou hrozně pomalé PC...