Mailserver

MirekS
Visitor
Posts: 1
Registered: 10 Apr 2018 12:17

#1 Post by MirekS »

Hello,
I need help checking whether I have some malware on my PC. For some unknown reason, my IP (90.179.49.58) has supposedly ended up on a ban list, and that is the reason I cannot send emails. Supposedly I have a virus and it is sending emails from my PC. At home we use 2 PCs (mine and my mom's).
I scanned the PC with Avast and Malwarebytes; they found nothing.
I am attaching the log here, hopefully correctly :)
Thank you in advance for your help :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Rush (administrator) on RUSH-PC (10-04-2018 13:13:45)
Running from C:\Users\Rush\Desktop
Loaded Profiles: Rush (Available Profiles: Rush & kpo_postgres)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SMSC) C:\Program Files\SGFX\sgfxmgr.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Apache Software Foundation) C:\Program Files (x86)\KPO\server\apache\bin\httpd.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apache Software Foundation) C:\Program Files (x86)\KPO\server\apache\bin\httpd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\SGFX\SgfxConfig.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Arduino\java\bin\javaw.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2017-12-18] (ESET)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [SgfxConfig] => C:\Program Files\SGFX\sgfxconfig.exe [2233592 2013-05-01] ()
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [MFP and Storage Server] => [X]
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [*LABAL*] => [X]
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [Google Update] => C:\Users\Rush\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [DU Meter] => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023648 2017-11-15] (Samsung)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\MountPoints2: E - E:\Set-up.exe
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\MountPoints2: {5e4d119f-bf83-11e6-9bb2-74e543621c14} - D:\start.exe
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\MountPoints2: {6d30442c-2dba-11e7-83a1-74e543621c14} - E:\AutoRun.exe
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\MountPoints2: {6d30443a-2dba-11e7-83a1-74e543621c14} - E:\AutoRun.exe
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\MountPoints2: {c2d7d4c5-0133-11e7-bc9f-c22915ccb1d6} - F:\setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{11CDDC1E-3583-41A3-875D-7D3CCB880A12}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6D9D37CF-E5FD-4879-AB72-D9F65DF2DBEB}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{811958AD-6ACE-4400-B036-93A20D884DF0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B80BE023-101F-4307-8C12-9103B5CF9521}: [DhcpNameServer] 10.0.0.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-4170223498-2434519729-925558879-1000\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-25] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-25] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-12-14] (Tracker Software Products Ltd.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-12-14] (Tracker Software Products Ltd.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 364pql4h.default
FF ProfilePath: C:\Users\Rush\AppData\Roaming\Mozilla\Firefox\Profiles\364pql4h.default [2018-01-24]
FF HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Users\Rush\AppData\Roaming\IDM\idmmzcc7 => not found
FF HKU\S-1-5-21-4170223498-2434519729-925558879-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rush\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Rush\AppData\Roaming\IDM\idmmzcc5 [2018-02-23] [Legacy] [not signed]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-29] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4170223498-2434519729-925558879-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-4170223498-2434519729-925558879-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Rush\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-4170223498-2434519729-925558879-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Rush\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> file:///C:/Users/Rush/Desktop/WR
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://securedsearch2 ... oogle.com/"
CHR NewTab: Default -> Active:"chrome-extension://bokbgdhblfolpfanocjafjhpjkebhlfk/redirect.html"
CHR Profile: C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default [2018-04-10]
CHR Extension: (Prezentace) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Common Hangouts) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\acffocjoafjbncgcmoephiffghmjlfdi [2016-12-18]
CHR Extension: (Dokumenty) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-21]
CHR Extension: (YouTube) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-21]
CHR Extension: (New Tab to Tasks) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\bokbgdhblfolpfanocjafjhpjkebhlfk [2016-12-04]
CHR Extension: (uBlock Origin) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-04-09]
CHR Extension: (Adblock na Youtube™) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-30]
CHR Extension: (Google+) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-11-21]
CHR Extension: (Add to Wunderlist) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmnddeddcgdllibmaodanoonljfdmooc [2017-10-03]
CHR Extension: (Go Back With Backspace) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekailopagacbcdloonjhbiecobagjci [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Tabulky) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-21]
CHR Extension: (AdBlock) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-15]
CHR Extension: (Slack) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeogkiiogjbmhklcnbgkdcjoioegiknm [2017-08-16]
CHR Extension: (Hangouts Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-02-13]
CHR Extension: (STM - MP3 downloader) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\nigcnnoecjidafpppblafapadbhklfid [2017-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Toggl Button: Productivity & Time Tracker) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejgccbfbmkkpaidnkphaiaecficdnfn [2018-03-15]
CHR Extension: (Gmail) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-26]
CHR Profile: C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-08-16]
CHR Extension: (Prezentace Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-01]
CHR Extension: (hxxps://docs.google.com/forms/create?usp=abou) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afeddgbbmckkocdbodjdabnmpjinljic [2017-08-15]
CHR Extension: (Dokumenty Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-01]
CHR Extension: (Disk Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-01]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-15]
CHR Extension: (YouTube) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-01]
CHR Extension: (hxxps://docs.google.com/document/u/0/) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bojccfnmcnekjgjhcaklmcgofnngpjcl [2017-08-15]
CHR Extension: (New Tab to Tasks) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bokbgdhblfolpfanocjafjhpjkebhlfk [2017-08-15]
CHR Extension: (Google Tasks (by Google)) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2017-08-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-02]
CHR Extension: (Tabulky Google) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-13]
CHR Extension: (AdBlock) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-15]
CHR Extension: (hxxps://drive.google.com/drive/my-drive) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkdnjjllhbbhgjfojnheoooeabjimbka [2017-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-15]
CHR Extension: (PDF Viewer) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2017-08-15]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-15]
CHR Extension: (Gmail) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Rush\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-02]
CHR Profile: C:\Users\Rush\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-04]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2015-02-19] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1940584 2017-12-18] (ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-04-18] (Seiko Epson Corporation)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-15] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-15] (Intel Corporation)
R2 KPO_Apache; C:\Program Files (x86)\KPO\server\apache\bin\httpd.exe [12288 2016-12-18] (Apache Software Foundation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 SGFXMgr; C:\Program Files\SGFX\sgfxmgr.exe [8481280 2013-05-01] (SMSC) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-01-26] (www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [134368 2018-01-19] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107328 2018-01-19] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2018-01-19] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50744 2018-01-19] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81880 2018-01-19] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61040 2018-01-19] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [106304 2018-01-19] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [76192 2018-03-19] ()
S3 EST_BusEnum; C:\Windows\System32\DRIVERS\GenBus.sys [29696 2009-10-06] ( )
S3 EST_Server; C:\Windows\System32\DRIVERS\GenHC.sys [199168 2009-10-06] ( ) [File not signed]
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-30] (REALiX(tm))
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [14748416 2012-03-27] (Intel Corporation) [File not signed]
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [51368 2016-04-08] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193768 2018-04-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-04-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-04-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-04-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [93816 2018-04-10] (Malwarebytes)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R4 sgfxk; C:\Windows\System32\drivers\sgfxk64.sys [157432 2013-05-02] (SMSC)
R0 sgfxl; C:\Windows\System32\drivers\sgfxl64.sys [18168 2013-05-02] (SMSC)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-10-25] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
R3 TS_ARN5416; C:\Windows\System32\DRIVERS\ts_athrx.sys [3544264 2014-07-23] (TamoSoft)
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2016-02-29] (Cisco Systems, Inc.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
U2 V2iMount; no ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-10 13:13 - 2018-04-10 13:14 - 000031609 _____ C:\Users\Rush\Desktop\FRST.txt
2018-04-10 13:13 - 2018-04-10 13:13 - 002403328 _____ (Farbar) C:\Users\Rush\Desktop\FRST64.exe
2018-04-10 13:13 - 2018-04-10 13:13 - 000000000 ____D C:\FRST
2018-04-09 23:52 - 2017-11-18 16:45 - 000004475 _____ C:\Users\Rush\Desktop\Magnetron.ino
2018-04-09 17:48 - 2018-04-09 17:48 - 000015573 _____ C:\Users\Rush\Desktop\mperdek-arduino-projects-af0251b0059b.zip
2018-04-09 17:40 - 2018-04-09 17:41 - 066707304 _____ C:\Users\Rush\Desktop\xmls.zip
2018-04-09 15:56 - 2018-04-09 17:36 - 002556166 _____ C:\Users\Rush\Desktop\odbornosti.rar
2018-04-09 15:42 - 2018-04-09 15:42 - 000014399 _____ C:\Users\Rush\Desktop\multi-print-1523281201-.csv
2018-04-09 15:40 - 2018-04-09 15:55 - 000000000 ____D C:\Users\Rush\Desktop\odbornosti
2018-04-09 15:36 - 2018-04-10 12:03 - 000093816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-04-09 15:36 - 2018-04-09 15:44 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-04-09 15:36 - 2018-04-09 15:44 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-04-09 15:36 - 2018-04-09 15:36 - 000193768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-04-09 15:35 - 2018-04-09 15:35 - 072594032 _____ (Malwarebytes ) C:\Users\Rush\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4656.exe
2018-04-09 15:35 - 2018-04-09 15:35 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-04-09 15:35 - 2018-04-09 15:35 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-09 15:35 - 2018-04-09 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-09 15:35 - 2018-04-09 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-09 15:35 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-04-09 11:46 - 2018-04-09 11:46 - 000012681 _____ C:\Users\Rush\Desktop\competition-answers-1523005606.csv
2018-04-08 22:27 - 2018-04-08 22:27 - 000053683 _____ C:\Users\Rush\Desktop\bl-Deuterium-i386+NonPAE_20170429.iso.torrent
2018-04-08 15:19 - 2018-04-08 15:19 - 000000000 ____D C:\Users\Rush\Desktop\FUOWEE2IGHOHYLN
2018-04-07 23:45 - 2018-04-07 23:49 - 000000000 ____D C:\pebuilder3110a
2018-04-07 23:45 - 2018-04-07 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PE Builder
2018-04-07 23:44 - 2018-04-07 23:44 - 010765360 _____ C:\Users\Rush\Desktop\pebuilder3110a.exe
2018-04-07 23:38 - 2018-04-07 23:38 - 001839705 _____ (pendrivelinux.com) C:\Users\Rush\Desktop\YUMI-2.0.5.4.exe
2018-04-07 23:27 - 2018-04-07 23:27 - 000018375 _____ C:\Users\Rush\Desktop\[CzT]Windows_XP_SP3_01_2015_CZ_.torrent
2018-04-06 18:21 - 2018-04-06 18:26 - 000000000 ____D C:\Users\Rush\Desktop\EG video
2018-04-06 13:43 - 2018-04-06 13:44 - 003196001 _____ C:\Users\Rush\Desktop\Prezentace_ver3.ppsm
2018-04-05 23:37 - 2018-04-06 18:35 - 000000000 ____D C:\Users\Rush\Desktop\Nová složka
2018-04-05 10:34 - 2018-04-05 10:34 - 000000337 _____ C:\Users\Rush\Desktop\tatyaMTG.txt
2018-04-04 21:46 - 2018-04-04 21:46 - 003195731 _____ C:\Users\Rush\Desktop\Prezentace_ver2.ppsx
2018-04-04 00:42 - 2018-04-06 13:43 - 003195734 _____ C:\Users\Rush\Desktop\Prezentace_ver1.pptx
2018-04-04 00:42 - 2018-04-04 00:44 - 002769101 _____ C:\Users\Rush\Desktop\Prezentace_ver1.ppsx
2018-04-03 14:56 - 2018-04-03 14:57 - 002015568 _____ C:\Users\Rush\Desktop\karty duben.rar
2018-04-03 13:58 - 2016-01-21 10:46 - 000013795 ____H C:\Users\Rush\Desktop\uctoEG18-1.xlsx
2018-04-03 13:58 - 2016-01-19 02:57 - 000013796 ____H C:\Users\Rush\Desktop\uctoEG17-12.xlsx
2018-04-02 16:36 - 2018-04-02 17:00 - 000000000 ____D C:\Users\Rush\Desktop\kuba
2018-04-02 10:44 - 2018-04-02 10:44 - 000095222 _____ C:\Users\Rush\Desktop\Predestination(0000246114).srt
2018-04-02 10:33 - 2018-04-02 10:33 - 000010833 _____ C:\Users\Rush\Desktop\Hrobice 6.xlsx
2018-04-01 23:29 - 2018-04-01 23:29 - 000120534 _____ C:\Users\Rush\Desktop\Coherence(0000242138).srt
2018-04-01 23:12 - 2018-04-01 23:12 - 000044777 _____ C:\Users\Rush\Desktop\Coherence(0000242138).zip
2018-03-31 20:18 - 2018-03-31 20:19 - 000000121 _____ C:\Users\Rush\Desktop\start.bat
2018-03-29 12:32 - 2018-04-03 14:01 - 000000000 ____D C:\Users\Rush\Desktop\poledne zaloha
2018-03-29 12:26 - 2018-04-04 21:13 - 000000000 ____D C:\Users\Rush\Desktop\Eko_Soft
2018-03-29 01:06 - 2018-03-29 01:06 - 000053050 _____ C:\Users\Rush\Desktop\Lucifer.S03E18.720p.HDTV.x264-KILLERS.srt
2018-03-29 00:24 - 2018-03-29 00:24 - 000053616 _____ C:\Users\Rush\Desktop\Lucifer.S03E17.720p.HDTV.x264-AVS.srt
2018-03-28 20:19 - 2018-03-28 20:19 - 000253019 _____ C:\Users\Rush\Desktop\img20180328_20191095.pdf
2018-03-28 20:18 - 2018-03-28 20:18 - 000129040 _____ C:\Users\Rush\Desktop\img20180328_20181621.pdf
2018-03-28 11:06 - 2018-03-28 11:06 - 011949236 _____ C:\Users\Rush\Desktop\prezentace_017 (1).ppt
2018-03-28 11:05 - 2018-03-28 11:05 - 011949236 _____ C:\Users\Rush\Desktop\prezentace_017.ppt
2018-03-26 13:30 - 2018-03-26 13:30 - 000799793 _____ C:\Users\Rush\Desktop\logo.psd
2018-03-26 13:30 - 2018-03-26 13:30 - 000000000 ____D C:\Users\Rush\AppData\Local\Tempzxpsignf1930b109d1d7d2b
2018-03-26 13:30 - 2018-03-26 13:30 - 000000000 ____D C:\Users\Rush\AppData\Local\Tempzxpsign80aae6fc18d7f9c5
2018-03-26 13:29 - 2018-03-26 13:29 - 000000000 ____D C:\Users\Rush\AppData\Local\Tempzxpsignbf2d431805d1d5a9
2018-03-26 13:29 - 2018-03-26 13:29 - 000000000 ____D C:\Users\Rush\AppData\Local\Tempzxpsign38cbb5beac3b47c1
2018-03-26 13:29 - 2018-03-26 13:29 - 000000000 ____D C:\Users\Rush\AppData\Local\Tempzxpsign0ac29b7176745975
2018-03-21 23:12 - 2018-03-21 23:12 - 000277960 _____ C:\Users\Rush\Desktop\nikolka.mp4.sfk
2018-03-21 23:11 - 2018-03-18 14:48 - 399536893 _____ C:\Users\Rush\Desktop\nikolka.mp4
2018-03-21 03:18 - 2018-03-21 03:18 - 000043108 _____ C:\Users\Rush\Desktop\Stargate-Atlantis-S01E04-38-Minutes(0000046406).srt
2018-03-21 03:15 - 2018-03-21 03:15 - 000038186 _____ C:\Users\Rush\Desktop\Atlantis-S01E04(0000232106).srt
2018-03-21 03:12 - 2018-03-21 03:12 - 000043009 _____ C:\Users\Rush\Desktop\Stargate-Atlantis-S01E04-Thirty-Eight-Minutes(0000022974).srt
2018-03-21 02:50 - 2018-03-21 02:50 - 000045143 _____ C:\Users\Rush\Desktop\Stargate-Atlantis-S01E02-Hide-And-Seek(0000018269).srt
2018-03-21 02:50 - 2018-03-21 02:50 - 000031229 _____ C:\Users\Rush\Desktop\Atlantis-S01E02(0000225297).srt
2018-03-21 01:50 - 2018-03-21 01:50 - 000068511 _____ C:\Users\Rush\Desktop\Stargate-Atlantis-S01E01-E02(0000146812).srt
2018-03-21 01:49 - 2018-03-21 01:49 - 000028051 _____ C:\Users\Rush\Desktop\Atlantis-S01E01(0000224545).srt
2018-03-21 00:45 - 2018-03-21 00:45 - 000046983 _____ C:\Users\Rush\Desktop\Braven(0000296756).srt
2018-03-20 12:02 - 2018-03-20 12:02 - 001965577 _____ C:\Users\Rush\Desktop\seznam.xml
2018-03-16 21:09 - 2018-03-16 21:09 - 000603136 _____ C:\Users\Rush\Desktop\Penn-denk-SDH-v3.xls
2018-03-16 21:08 - 2018-03-16 21:08 - 000210432 _____ C:\Users\Rush\Desktop\financni-denik.xls
2018-03-16 20:51 - 2018-03-16 20:51 - 000816592 _____ C:\Users\Rush\Desktop\sdh_krouzek.xls
2018-03-13 22:17 - 2018-03-13 22:17 - 000076347 _____ C:\Users\Rush\Desktop\Faktura_18010005(2).pdf
2018-03-13 21:41 - 2018-03-13 21:41 - 000076495 _____ C:\Users\Rush\Desktop\Faktura_18010005 (1).pdf
2018-03-13 10:59 - 2018-03-13 10:59 - 041120328 _____ C:\Users\Rush\Desktop\DM.rar
2018-03-13 10:57 - 2018-03-13 10:57 - 000000000 ____D C:\Users\Rush\Desktop\DM
2018-03-12 16:17 - 2018-03-12 16:17 - 000167671 _____ C:\Users\Rush\Desktop\REGION V-Survey.csv
2018-03-12 14:25 - 2018-03-31 19:22 - 000000000 ____D C:\HomeCMSdata
2018-03-12 14:25 - 2018-03-12 14:25 - 000000800 _____ C:\Users\Public\Desktop\M.HomeCMS.lnk
2018-03-12 14:25 - 2018-03-12 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GuardVR
2018-03-12 14:25 - 2018-03-12 14:25 - 000000000 ____D C:\Program Files (x86)\M.HomeCMS
2018-03-12 14:25 - 2013-03-19 11:17 - 000773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCR100.dll
2018-03-12 14:22 - 2018-03-12 14:23 - 010245984 _____ (Macrovision Corporation) C:\Users\Rush\Desktop\MHomeCMS-English.exe
2018-03-12 14:11 - 2018-03-12 14:11 - 000000000 ____D C:\Users\Rush\AppData\Roaming\app-find-vstarcam
2018-03-12 14:03 - 2018-03-12 14:03 - 000023093 _____ C:\Program Files (x86)\CMS Uninstall Log.txt
2018-03-12 14:03 - 2018-03-12 14:03 - 000000119 _____ C:\vclientLog.txt
2018-03-12 14:03 - 2018-03-12 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMSClient
2018-03-12 13:22 - 2018-03-12 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONVIF Device Manager
2018-03-12 13:21 - 2018-03-12 13:21 - 000000000 ____D C:\Program Files (x86)\Synesis
2018-03-12 12:26 - 2018-03-12 12:26 - 000000000 ____D C:\Users\Rush\AppData\Roaming\Atheros
2018-03-12 12:26 - 2018-03-12 12:26 - 000000000 ____D C:\Users\Rush\AppData\Local\BMExplorer
2018-03-12 12:23 - 2018-03-12 12:23 - 000000175 _____ C:\Users\Rush\Desktop\KPO.txt
2018-03-12 12:17 - 2018-03-12 12:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2018-03-12 12:15 - 2018-03-19 13:58 - 000000000 ____D C:\Users\Rush\Documents\Bluetooth Folder
2018-03-12 12:15 - 2018-03-12 12:16 - 000000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2018-03-12 12:15 - 2018-03-12 12:15 - 000000000 ____D C:\Program Files (x86)\Bluetooth Suite
2018-03-12 12:14 - 2018-03-12 12:14 - 000000000 ____D C:\Users\Rush\AppData\LocalLow\Intel
2018-03-12 12:13 - 2018-03-12 12:13 - 000000000 ____D C:\Program Files (x86)\JMicron
2018-03-12 12:11 - 2018-03-12 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewSpan Config
2018-03-12 12:11 - 2018-03-12 12:11 - 000000000 ____D C:\Program Files\SGFX
2018-03-12 12:10 - 2018-03-12 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-03-12 12:10 - 2018-03-12 12:10 - 000000000 ____D C:\Program Files (x86)\HP Port Replicator Software Installer

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-10 13:08 - 2017-02-02 15:08 - 000000911 _____ C:\Windows\Tasks\EPSON L386 Series Update {C2693AE5-CE22-4B38-ADD3-D5BD5E9CB903}.job
2018-04-10 13:06 - 2016-11-21 16:30 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-10 13:06 - 2016-11-21 16:30 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-10 13:06 - 2016-11-21 16:30 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-10 13:06 - 2016-11-21 16:30 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-10 13:06 - 2016-11-21 16:30 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-10 13:06 - 2016-11-21 16:30 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-10 13:01 - 2017-02-02 16:01 - 000000911 _____ C:\Windows\Tasks\EPSON L386 Series Update {59ABD0D7-4B34-4820-B8C3-70774BAC0EED}.job
2018-04-10 12:58 - 2016-11-21 11:07 - 000000386 _____ C:\Windows\Tasks\update-sys.job
2018-04-10 12:51 - 2016-11-22 01:22 - 000000000 ____D C:\Users\Rush\AppData\Roaming\Skype
2018-04-10 12:20 - 2016-11-21 11:20 - 000000000 ____D C:\Users\Rush\AppData\Roaming\.purple
2018-04-10 12:08 - 2016-11-22 20:44 - 000000000 ____D C:\Users\Rush\AppData\LocalLow\Mozilla
2018-04-10 11:59 - 2016-11-21 11:07 - 000000386 _____ C:\Windows\Tasks\update-S-1-5-21-4170223498-2434519729-925558879-1000.job
2018-04-10 11:02 - 2017-05-04 11:53 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-10 11:02 - 2016-11-21 13:34 - 000000600 _____ C:\Users\Rush\AppData\Roaming\winscp.rnd
2018-04-10 09:02 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-10 09:02 - 2009-07-14 06:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-09 17:51 - 2017-02-07 19:29 - 000000000 ____D C:\Users\Rush\AppData\Local\Arduino15
2018-04-09 16:11 - 2016-11-21 10:50 - 000026624 _____ C:\Users\Rush\Desktop\pass.xlsx
2018-04-09 15:50 - 2011-04-12 10:34 - 000671932 _____ C:\Windows\system32\perfh005.dat
2018-04-09 15:50 - 2011-04-12 10:34 - 000142588 _____ C:\Windows\system32\perfc005.dat
2018-04-09 15:50 - 2009-07-14 07:13 - 001591454 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-09 15:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-09 15:44 - 2017-09-12 17:17 - 000003486 _____ C:\Windows\System32\Tasks\AutoKMS
2018-04-09 15:44 - 2016-11-23 09:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-04-09 15:44 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-09 15:43 - 2016-12-19 11:11 - 000000000 ____D C:\Users\Rush\AppData\Local\TortoiseGit
2018-04-09 14:05 - 2016-11-21 10:46 - 000000000 ____D C:\Users\Rush\AppData\Roaming\uTorrent
2018-04-09 10:03 - 2016-12-19 18:31 - 000000600 _____ C:\Users\Rush\AppData\Local\PUTTY.RND
2018-04-07 23:46 - 2017-03-06 10:48 - 000000000 ____D C:\Users\Rush\AppData\Roaming\DAEMON Tools Lite
2018-04-06 18:21 - 2017-11-06 15:17 - 002383872 ___SH C:\Users\Rush\Desktop\Thumbs.db
2018-04-06 13:49 - 2016-11-21 10:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-04-05 10:32 - 2016-11-21 12:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-03 13:58 - 2018-03-03 12:40 - 000000000 ____D C:\Users\Rush\Desktop\Driver
2018-04-01 18:15 - 2016-12-27 22:58 - 000000000 ____D C:\Users\Rush\AppData\Roaming\vlc
2018-04-01 17:40 - 2017-05-09 13:45 - 000003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1494330331
2018-04-01 17:40 - 2017-05-09 13:45 - 000000000 ____D C:\Program Files\Opera
2018-03-31 18:21 - 2017-02-20 12:32 - 000000000 ____D C:\Users\Rush\AppData\Local\CrashDumps
2018-03-31 18:02 - 2016-12-14 19:01 - 000000630 _____ C:\Users\Rush\advanced_port_scanner_MAC.bin
2018-03-31 15:16 - 2016-12-27 13:27 - 000000000 ____D C:\Users\Rush\AppData\Roaming\iSpy
2018-03-26 13:29 - 2017-03-06 10:16 - 000000034 _____ C:\Users\Rush\AppData\Roaming\AdobeWLCMCache.dat
2018-03-19 18:38 - 2016-11-22 20:28 - 000000000 ____D C:\Users\Rush\AppData\Local\ElevatedDiagnostics
2018-03-19 18:21 - 2017-11-28 20:27 - 000000931 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-03-19 17:41 - 2017-05-04 13:42 - 000000000 ____D C:\Users\Rush\AppData\Roaming\TS3Client
2018-03-15 23:42 - 2016-11-23 09:51 - 000000000 ____D C:\Users\Rush\AppData\Local\TeamViewer
2018-03-13 11:18 - 2016-12-11 20:38 - 000000000 ____D C:\Users\Rush\Desktop\eg foto
2018-03-12 14:25 - 2016-11-22 01:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-03-12 14:05 - 2017-10-06 22:04 - 000000000 ____D C:\Program Files (x86)\CMSClient
2018-03-12 14:03 - 2017-10-01 14:33 - 000000000 ____D C:\Program Files (x86)\CMS
2018-03-12 12:36 - 2016-11-22 01:03 - 000000000 ____D C:\SWSetup
2018-03-12 12:33 - 2018-01-26 16:18 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-03-12 12:26 - 2016-11-22 01:03 - 000000000 ____D C:\ProgramData\Atheros
2018-03-12 12:26 - 2009-07-14 06:45 - 005110656 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-12 12:13 - 2016-11-21 01:39 - 000000000 ____D C:\Windows\SysWOW64\SDA
2018-03-12 12:12 - 2018-01-26 16:18 - 000000000 ____D C:\Users\Rush\AppData\Roaming\Hewlett-Packard

==================== Files in the root of some directories =======

2017-10-01 14:33 - 2017-10-01 14:33 - 000054149 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2018-03-12 14:03 - 2018-03-12 14:03 - 000023093 _____ () C:\Program Files (x86)\CMS Uninstall Log.txt
2017-10-06 21:47 - 2017-10-06 21:47 - 000007910 _____ () C:\Program Files (x86)\Device Manager Setup Log.txt
2017-01-06 11:49 - 2017-11-01 18:24 - 000000132 _____ () C:\Users\Rush\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-03-06 10:16 - 2018-03-26 13:29 - 000000034 _____ () C:\Users\Rush\AppData\Roaming\AdobeWLCMCache.dat
2016-11-21 13:34 - 2018-04-10 11:02 - 000000600 _____ () C:\Users\Rush\AppData\Roaming\winscp.rnd
2016-12-19 18:31 - 2018-04-09 10:03 - 000000600 _____ () C:\Users\Rush\AppData\Local\PUTTY.RND
2017-09-18 10:30 - 2017-09-18 10:30 - 000007604 _____ () C:\Users\Rush\AppData\Local\Resmon.ResmonCfg
2016-11-21 11:07 - 2016-11-21 11:07 - 000000003 _____ () C:\Users\Rush\AppData\Local\updater.log
2016-11-21 11:07 - 2017-11-22 20:46 - 000000425 _____ () C:\Users\Rush\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2018-01-04 13:21 - 2018-01-04 13:21 - 000079736 _____ (AppWork GmbH) C:\Users\Rush\AppData\Local\Temp\131595384914778611.exe
2018-02-23 13:13 - 2018-02-23 13:13 - 000079736 _____ (AppWork GmbH) C:\Users\Rush\AppData\Local\Temp\131638580308345263.exe
2018-03-12 12:19 - 2018-03-12 12:19 - 000059392 _____ (Intel Corporation) C:\Users\Rush\AppData\Local\Temp\AtpTimerInfo.dll
2018-03-12 12:19 - 2018-03-12 12:19 - 001913344 _____ (Hewlett-Packard Company) C:\Users\Rush\AppData\Local\Temp\FlashDLL.dll
2017-09-21 22:33 - 2017-11-04 10:59 - 020522240 _____ (DeskShare Inc. ) C:\Users\Rush\AppData\Local\Temp\IPCameraViewer.exe
2017-07-24 20:54 - 2017-07-24 20:54 - 000739904 _____ (Oracle Corporation) C:\Users\Rush\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-09-12 20:37 - 2017-09-12 20:37 - 000552568 _____ (Logitech) C:\Users\Rush\AppData\Local\Temp\LDeviceInstaller.exe
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_2018375155718.dll
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_2018375155840.dll
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_2018375155882.dll
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_2018375155923.dll
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_2018375155988.dll
2018-03-07 14:51 - 2018-03-07 14:51 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_201837515638.dll
2018-03-07 14:52 - 2018-03-07 14:52 - 002149376 _____ (Opera Software) C:\Users\Rush\AppData\Local\Temp\Opera_installer_201837524965.dll
2017-09-12 20:39 - 2017-09-12 20:39 - 004238456 _____ (Logitech, Inc.) C:\Users\Rush\AppData\Local\Temp\PlugInInstallerUtility.exe
2018-02-23 13:14 - 2018-02-23 13:14 - 000040448 ____N () C:\Users\Rush\AppData\Local\Temp\proxy_vole2345613332735671984.dll
2017-09-12 12:03 - 2017-09-12 12:03 - 015301888 _____ (Microsoft Corporation) C:\Users\Rush\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-08 12:56

==================== End of FRST.txt ============================

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Mailserver

#2 Post by JaRon »

Hi,
clean the PC with AVPTool - KVRT
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
