
Pop-up windows

Have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved. So will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Pop-up windows

#1 Post by liboreks »

Greetings, experts. After a longer while, pop-up windows are appearing in the browser on my computer again, and it is occasionally slow.
Please help.

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#3 Post by liboreks »

Unfortunately it doesn't work...
When I try to open the first link http://www.bleepingcomputer.com/downloa ... scan-tool/ it crashes the browser (both Chrome and Edge).
And after clicking the second link http://viry.xf.cz/pro_usery/FRSTLauncher.exe Edge shows unavailable content and Chrome blocks it as malicious content.

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#4 Post by Rudy »

Strange. If you don't have Win10, an RSIT log will suffice: https://forum.viry.cz/viewtopic.php?f=13&t=152706 . On Windows 10, however, I cannot delete from it; I would risk damaging the system.

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#5 Post by liboreks »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Libor at 2018-06-29 21:05:13
Microsoft Windows 10 Home
System drive C: has 171 GB (37%) free of 465 GB
Total RAM: 3967 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:05:16, on 29.06.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\svchost.exe
C:\WINDOWS\SysWOW64\svchost.exe
C:\Program Files\trend micro\Libor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Epson Stylus SX125] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\windows\TEMP\E_SD5AF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Libor\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SDF92.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Libor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, LLC. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12183 bytes

======Listing Processes======








winlogon.exe


c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b0a28170-fe4e-4950-bee5-138c4ca342ad -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d353b911-3cca-4418-89eb-6a59a77ff8ee -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-22121ca6-dbd5-44bc-ada9-a7254434b258 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-da8f4646-f63e-41c9-9dca-5634b1542b75 -LifetimeId:b9764783-d0fb-4463-a709-2b81dd0f9a77 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s WwanSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {6184841b-66b7-405c-b72c062282fbbe5c}
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
AvastUI.exe /nogui
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s SmsRouter
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\WINDOWS\SysWOW64\svchost.exe"
"C:\WINDOWS\SysWOW64\svchost.exe" --config="C:\Users\Libor\AppData\Local\Temp\{4DFD70}"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x488
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-156262907-2237363827-403031446-10015_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-156262907-2237363827-403031446-10015 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 720 724 732 8192 728
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Libor\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

=========Mozilla firefox=========

ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.172.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.172.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-28 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-28 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-20 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Epson Stylus SX125"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]
"Spotify Web Helper"=C:\Users\Libor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-09-20 1529456]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-06-24 18385368]
"EPSON SX125 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]
"OneDrive"=C:\Users\Libor\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-19 1628840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-02 491120]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SafeModeBlockNonAdmins"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-29 21:05:13 ----D---- C:\rsit
2018-06-20 14:32:33 ----A---- C:\WINDOWS\system32\drivers\aswElam.sys
2018-06-20 14:31:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-06-15 19:08:37 ----D---- C:\WINDOWS\Minidump
2018-06-14 13:17:44 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-14 13:17:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-14 13:17:35 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-06-14 13:17:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-06-14 13:17:31 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-06-14 13:17:24 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-14 13:17:19 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-06-14 13:17:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-14 13:17:13 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-06-14 13:17:11 ----A---- C:\WINDOWS\system32\shell32.dll
2018-06-14 13:17:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-06-14 13:17:07 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-06-14 13:17:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-06-14 13:16:59 ----A---- C:\WINDOWS\system32\tquery.dll
2018-06-14 13:16:58 ----A---- C:\WINDOWS\system32\cdp.dll
2018-06-14 13:16:57 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-06-14 13:16:57 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-06-14 13:16:55 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-06-14 13:16:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-14 13:16:53 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-14 13:16:53 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-14 13:16:52 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-06-14 13:16:52 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-14 13:16:51 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2018-06-14 13:16:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-06-14 13:16:50 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-14 13:16:50 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-06-14 13:16:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-06-14 13:16:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-06-14 13:16:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2018-06-14 13:16:46 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2018-06-14 13:16:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-14 13:16:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-06-14 13:16:43 ----A---- C:\WINDOWS\system32\combase.dll
2018-06-14 13:16:42 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\OpcServices.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-06-14 13:16:39 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\system32\wpnapps.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-06-14 13:16:36 ----A---- C:\WINDOWS\system32\CoreShell.dll
2018-06-14 13:16:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-06-14 13:16:35 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2018-06-14 13:16:35 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2018-06-14 13:16:35 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\wininet.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\d2d1.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-14 13:16:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-06-14 13:16:30 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-06-14 13:16:29 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-06-14 13:16:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\system32\d3d9.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-14 13:16:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-06-14 13:16:27 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-14 13:16:26 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-06-14 13:16:26 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-06-14 13:16:22 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\usocore.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-06-14 13:16:17 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\system32\mf.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\system32\ISM.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\system32\dxgi.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\jscript.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-14 13:16:10 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\propsys.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-06-14 13:16:02 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2018-06-14 13:16:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-06-14 13:16:02 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\dui70.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-06-14 13:16:00 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2018-06-14 13:16:00 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\mfds.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\esent.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\winload.exe
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\webservices.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\SHCore.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\ci.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\system32\winresume.exe
2018-06-14 13:15:53 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\ReAgent.dll
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\wevtutil.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\msdtctm.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\credprovs.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\system32\DXP.dll
2018-06-14 13:15:46 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-06-14 13:15:45 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2018-06-14 13:15:45 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-06-14 13:15:44 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-06-14 13:15:43 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-06-14 13:15:43 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-06-14 13:15:43 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\system32\rasplap.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\LanguageOverlayUtil.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\skci.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\mfps.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\kernel.appcore.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\kernel.appcore.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\GenValObj.exe
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\uefi.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-06-14 13:15:35 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\ClipUp.exe
2018-06-14 13:15:33 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\bcrypt.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\Ucx01000.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-06-14 13:15:31 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\MSMPEG2ENC.DLL
2018-06-14 13:15:29 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-06-14 13:15:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\SYSWOW64\wevtutil.exe
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\easwrt.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\MSAC3ENC.DLL
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\srms-apr.dat
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\srms-apr.dat
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\sppcext.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\MDEServer.exe
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\SYSWOW64\msdt.exe
2018-06-14 13:15:25 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-14 13:15:24 ----A---- C:\WINDOWS\system32\msdt.exe
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\MSHEIF.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\tbauth.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\SIHClient.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\msi.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\MSHEIF.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\GamePanel.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\edpnotify.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\aadtb.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\tzres.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-06 16:24:14 ----D---- C:\Program Files\Epic Games
2018-06-06 16:17:41 ----D---- C:\ProgramData\Epic

======List of files/folders modified in the last 1 month======

2018-06-29 21:05:15 ----D---- C:\Program Files\trend micro
2018-06-29 21:04:42 ----D---- C:\WINDOWS\Prefetch
2018-06-29 21:04:29 ----D---- C:\WINDOWS\Temp
2018-06-29 21:04:21 ----D---- C:\WINDOWS\system32\sru
2018-06-29 21:03:31 ----D---- C:\WINDOWS\system32\SleepStudy
2018-06-29 20:32:13 ----SHD---- C:\WINDOWS\Installer
2018-06-29 19:55:30 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-29 19:49:48 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-06-29 19:48:25 ----D---- C:\Windows
2018-06-29 19:45:29 ----AD---- C:\Program Files (x86)\TeamViewer
2018-06-29 19:39:54 ----D---- C:\Users\Libor\AppData\Roaming\uTorrent
2018-06-29 19:39:54 ----D---- C:\Users\Libor\AppData\Roaming\TeamViewer
2018-06-29 19:39:34 ----DC---- C:\WINDOWS\Panther
2018-06-29 19:39:34 ----D---- C:\WINDOWS\INF
2018-06-29 19:39:34 ----D---- C:\WINDOWS\debug
2018-06-29 19:37:15 ----RD---- C:\Program Files (x86)
2018-06-29 19:36:21 ----D---- C:\ProgramData\Origin
2018-06-29 19:35:08 ----RD---- C:\WINDOWS\assembly
2018-06-29 19:34:24 ----RSD---- C:\WINDOWS\Fonts
2018-06-29 19:33:31 ----SHD---- C:\System Volume Information
2018-06-29 19:30:51 ----D---- C:\Program Files (x86)\Common Files
2018-06-29 19:28:17 ----D---- C:\WINDOWS\AppReadiness
2018-06-29 19:28:16 ----HD---- C:\Program Files\WindowsApps
2018-06-29 19:26:20 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-29 19:22:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-29 19:05:52 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-29 18:25:25 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-06-29 17:28:22 ----D---- C:\Users\Libor\AppData\Roaming\Skype
2018-06-28 18:51:58 ----D---- C:\WINDOWS\SysWOW64
2018-06-28 18:51:49 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-06-28 18:51:24 ----D---- C:\Program Files (x86)\Java
2018-06-28 18:50:52 ----D---- C:\Program Files\WinRAR
2018-06-28 18:50:49 ----D---- C:\WINDOWS\system32\Tasks
2018-06-28 18:35:40 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2018-06-27 10:43:33 ----D---- C:\WINDOWS\Logs
2018-06-24 11:19:40 ----D---- C:\WINDOWS\system32\WDI
2018-06-24 11:12:26 ----D---- C:\Program Files (x86)\McAfee
2018-06-24 11:11:52 ----D---- C:\Program Files\TrueKey
2018-06-24 11:09:06 ----D---- C:\Users\Libor\AppData\Roaming\Seznam.cz
2018-06-24 11:08:43 ----D---- C:\Program Files (x86)\Seznam.cz
2018-06-24 11:06:53 ----D---- C:\WINDOWS\system32\config
2018-06-24 11:06:18 ----AD---- C:\Program Files (x86)\ffDiaporama
2018-06-24 11:05:29 ----D---- C:\Program Files (x86)\Blender Foundation
2018-06-24 11:04:53 ----D---- C:\Program Files (x86)\AppInventor
2018-06-21 11:03:03 ----D---- C:\Program Files\Common Files\AV
2018-06-20 21:41:29 ----D---- C:\ProgramData
2018-06-20 19:09:23 ----D---- C:\WINDOWS\System32
2018-06-20 19:09:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-20 19:02:26 ----D---- C:\WINDOWS\system32\drivers
2018-06-20 19:01:21 ----D---- C:\WINDOWS\system32\CatRoot
2018-06-20 18:59:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-06-20 14:31:52 ----HD---- C:\WINDOWS\ELAMBKUP
2018-06-15 14:31:53 ----D---- C:\WINDOWS\WinSxS
2018-06-14 17:43:13 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-14 17:40:59 ----D---- C:\WINDOWS\system32\catroot2
2018-06-14 17:39:12 ----D---- C:\WINDOWS\TextInput
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\oobe
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\zu-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\yo-NG
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\xh-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\wo-SN
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\tn-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\ti-ET
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\setup
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\rw-RW
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\oobe
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\nso-ZA
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ig-NG
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\en-US
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\Dism
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\cs-CZ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\Boot
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\appraiser
2018-06-14 17:39:02 ----D---- C:\WINDOWS\ShellExperiences
2018-06-14 17:38:59 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-06-14 17:38:59 ----D---- C:\WINDOWS\bcastdvr
2018-06-14 17:38:59 ----D---- C:\WINDOWS\apppatch
2018-06-14 17:38:59 ----D---- C:\Program Files\Windows Photo Viewer
2018-06-14 17:38:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-06-14 13:34:06 ----D---- C:\WINDOWS\system32\MRT
2018-06-14 13:26:59 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-14 13:26:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-06-14 13:26:33 ----D---- C:\WINDOWS\CbsTemp
2018-06-07 16:10:45 ----D---- C:\WINDOWS\system32\Macromed
2018-06-06 18:38:47 ----D---- C:\Users\Libor\AppData\Roaming\.minecraft
2018-06-06 16:24:14 ----RD---- C:\Program Files
2018-06-06 16:21:03 ----D---- C:\ProgramData\Package Cache
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-06-20 201328]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-06-20 346664]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-06-20 59592]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-06-20 85968]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-06-20 381584]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-06-20 197160]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-06-20 229392]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-06-20 239680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-06-20 111872]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-06-20 1027728]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-06-20 463080]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-06-20 159640]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-06-20 211160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 dot4;@oem0.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
R3 Dot4Print;@oem44.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2013-06-04 21928]
R3 dot4usb;@oem0.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-01 3564376]
R3 iwdbus;@oem64.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2018-04-12 121344]
R3 MarvinBus;@oem10.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;@oem33.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-18 62784]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-06-20 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-06-20 46976]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 Impcd;Impcd; C:\WINDOWS\System32\drivers\Impcd.sys [2012-08-29 158976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-08 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-20 322464]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_5cdc9;Uživatelská služba platformy připojených zařízení_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 OneSyncSvc_5cdc9;Hostitel synchronizace_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-01 246488]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2014-11-26 118576]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-20 7780400]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_5cdc9;Data kontaktů_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-08 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MessagingService_5cdc9;Služba zasílání zpráv_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-08 164984]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_5cdc9;Uživatelská služba pro GameDVR a vysílání her_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_5cdc9;Služba pro podporu uživatelů Bluetooth_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_5cdc9;DevicePicker_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_5cdc9;Tok zařízení_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-04-12 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-29 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_5cdc9;PrintWorkflow_5cdc9; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#6 Post by Rudy »

Rudy wrote: Strange. If you don't have Win10, an RSIT log will do: https://forum.viry.cz/viewtopic.php?f=13&t=152706 . On Windows 10, however, I can't delete anything based on it; I would risk damaging the system.
Oh well. That's no use. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#7 Post by liboreks »

So the computer is probably done for. The browser crashes again after I click the link.
However, I downloaded FRST and AdwCleaner onto my laptop and copied them to the computer via a flash drive, but even so, after launching FRSTLaunch only the initial message flashes up, and after clicking OK what are probably the checkboxes flash by in a microsecond and it disappears. Same with adw.
Will reinstalling Windows help, or is there any other advice?

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#8 Post by Rudy »

Also try cleaning the browsers. Run these utilities one after the other:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to your desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware Removal Tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/
•Save it, preferably to the desktop
•After launching, the license terms are displayed; press any key
•A backup is created and then the search begins
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#9 Post by liboreks »

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Libor on 30.06.2018 at 18:33:49,60.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Libor\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30.06.2018 18:40:32 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\2K Games deleted successfully
C:\PROGRA~2\AppInventor deleted successfully
C:\PROGRA~2\Blender Foundation deleted successfully
C:\PROGRA~2\McAfee deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\regid.1986-12.com.adobe deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Libor\AppData\Local\ActiveSync deleted successfully
C:\Users\Libor\AppData\Local\DBG deleted successfully
C:\Users\Libor\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Libor\AppData\Local\EmieSiteList deleted successfully
C:\Users\Libor\AppData\Local\EmieUserList deleted successfully
C:\Users\Libor\AppData\Local\GHISLER deleted successfully
C:\Users\Libor\AppData\Local\PackageStaging deleted successfully
C:\Users\Libor\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\Libor\AppData\Local\Skype deleted successfully
C:\Users\Libor\AppData\Local\WMTools Downloaded Files deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default\prefs.js:

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"sendToDevice
---- Lines extensions.4PVuqfWZeD5avM9P removed from prefs.js ----
user_pref("extensions.4PVuqfWZeD5avM9P.epoch", "1");
user_pref("extensions.4PVuqfWZeD5avM9P.scode", "void(0);");
user_pref("extensions.4PVuqfWZeD5avM9P.url", "http://keepfield.info/sync/?q=C6qUojsGq ... CMlNhd9Fqj
---- Lines extensions.FCV1AGQCqdGiBzh9 removed from prefs.js ----
user_pref("extensions.FCV1AGQCqdGiBzh9.epoch", "1");
user_pref("extensions.FCV1AGQCqdGiBzh9.scode", "void(0);");
user_pref("extensions.FCV1AGQCqdGiBzh9.url", "http://gethexnow.info/sync/?q=C6qUojn4r ... heDUojw8rd
---- Lines extensions.Jwn9SLRpHQB35C2P removed from prefs.js ----
user_pref("extensions.Jwn9SLRpHQB35C2P.epoch", "1");
user_pref("extensions.Jwn9SLRpHQB35C2P.scode", "void(0);");
user_pref("extensions.Jwn9SLRpHQB35C2P.url", "http://veterances.org/sync/?q=C6qUojsGq ... CMlNhd9Fqj
---- Lines extensions.TAfTRkByYARKdxkJ removed from prefs.js ----
user_pref("extensions.TAfTRkByYARKdxkJ.epoch", "1");
user_pref("extensions.TAfTRkByYARKdxkJ.scode", "void(0);");
user_pref("extensions.TAfTRkByYARKdxkJ.url", "http://northlist.in/sync/?q=C6qUojw7qHr ... tVh7n0rjkE
---- Lines extensions.v5muYNXIjrXFIQbF removed from prefs.js ----
user_pref("extensions.v5muYNXIjrXFIQbF.epoch", "1");
user_pref("extensions.v5muYNXIjrXFIQbF.scode", "void(0);");
user_pref("extensions.v5muYNXIjrXFIQbF.url", "http://mycontracter.net/sync/?q=C6qUojw ... a6tNtVh7n0
---- FireFox user.js and prefs.js backups ----

prefs__1916_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\2K Games not found
C:\PROGRA~2\AppInventor not found
C:\PROGRA~2\Blender Foundation not found
C:\PROGRA~2\McAfee not found
C:\PROGRA~2\Seznam.cz not found
C:\Users\Libor\AppData\Local\2K Games deleted
C:\PROGRA~2\WhiTeDeaLis deleted
C:\PROGRA~2\Silver Bird Plus Twitter Client deleted
C:\found.001 deleted
C:\found.002 deleted
C:\PROGRA~3\{AFF99647-6D64-46F2-934A-F12F468037F6} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Libor\AppData\Local\MSGBOX.EXE deleted
C:\Users\Libor\AppData\Local\Unity deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
C:\Users\Libor\AppData\LocalLow\Unity deleted
C:\Users\Libor\ojauEuUAB.exe deleted
C:\Users\Libor\sAsoAcuUzEm.exe deleted
"C:\Users\Libor\AppData\Local\AVAST Software\APM\LiborFfl2.dat" not deleted
"C:\Users\Libor\AppData\Local\AVAST Software\APM\Libor\kv_pam.db" not deleted
"C:\Users\Libor\AppData\Local\AVAST Software" not deleted
"C:\Users\Libor\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Libor\AppData\Local\AVAST Software\APM\Libor" not deleted

==== Orphaned Tasks deleted from Registry ======================

AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
WPD\SqmUpload_S-1-5-21-156262907-2237363827-403031446-1001 deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default
- __MSG_avastAppName__ - %ProfilePath%\extensions\sp@avast.com.xpi
- Avast Online Security - %ProfilePath%\extensions\wrc@avast.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll - [?]
- C:\Users\Libor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - [?]
81D6D6EE6226773449C5CBE9496EDAF6 - c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll - Microsoft® Silverlight
FC18E6D133877BE07C753552705A5B8C - c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll - Silverlight Plug-In


==== Chromium Look ======================

Google Chrome Version: 67.0.3396.99

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]

Seznam doplněk - Email - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam doplněk - Esko- - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast SafePrice - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Add to Bookmark - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhhebggkmeibdfgceaniohnodpdlecf
AudioSauna - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae
Seznam doplněk - Esko - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gomekmidlodglbbmalcneegieacbdmki_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{36F32D9E-4241-4526-BF7A-6E39AE0B6E58} - http://tv.seznam.cz/hledej?w={searchTer ... arch_27368

==== Reset Google Chrome ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\59oki02d.default\cache2 will be emptied at reboot

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2533 folders=1051 983695524 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Libor\AppData\Local\Temp will be emptied at reboot
C:\Users\Vojta\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Libor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Libor\AppData\Local\AVAST Software\APM\LiborFfl2.dat" not found
"C:\Users\Libor\AppData\Local\AVAST Software\APM\Libor\kv_pam.db" not found
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\Libor\AppData\Local\AVAST Software" not found
"C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\59oki02d.default\cache2\entries" not deleted

==== EOF on 30.06.2018 at 19:36:39,37 ======================

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#10 Post by liboreks »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Libor (Administrator) on 30.06.2018 at 19:40:50,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 6

Successfully deleted: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)
Successfully deleted: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fanogbnclpilemkifpjeglokomebpnef_0.localstorage (File)
Successfully deleted: C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Successfully deleted: C:\Users\Libor\AppData\Roaming\appdataFr25.bin (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.06.2018 at 19:45:32,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118194
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#11 Post by Rudy »

Has anything changed now?

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#12 Post by liboreks »

Windows with various websites keep popping up, but it is now possible to run RSIT and AdwCleaner. FRST still cannot be run.
I'll post the RSIT log.

liboreks
Visitor
Posts: 155
Registered: 30 Oct 2011 10:22

Re: Pop-up windows

#13 Post by liboreks »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Libor at 2018-06-30 20:49:53
Microsoft Windows 10 Home
System drive C: has 171 GB (37%) free of 465 GB
Total RAM: 3967 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:57, on 30.06.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\SysWOW64\svchost.exe
C:\WINDOWS\SysWOW64\svchost.exe
C:\Program Files\trend micro\Libor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Epson Stylus SX125] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\windows\TEMP\E_SD5AF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Libor\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPSON SX125 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\WINDOWS\TEMP\E_SDF92.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Libor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, LLC. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12144 bytes

======Listing Processes======










winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4de294e2-4a1d-45df-8440-70d66df4848c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9dac54d2-56fa-45f6-a28f-bb995c32d8b3 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5ceacc76-dff5-4800-91da-553fc715f4d7 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4b2947e3-7ea3-4864-9d67-cc08ab3718c0 -LifetimeId:9a25dcc7-8f21-4e39-95b9-d671c9561cd1 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s WwanSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {8167528a-6386-4a02-8764368d8a84d929}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /c
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s SmsRouter
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\WINDOWS\SysWOW64\svchost.exe"
"C:\WINDOWS\SysWOW64\svchost.exe" --config="C:\Users\Libor\AppData\Local\Temp\{3ED5F7}"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\msiexec.exe /V
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Libor\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\59oki02d.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.172.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_172\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.172.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_172\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll [2018-06-28 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll [2018-06-28 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-06-20 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Epson Stylus SX125"=C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]
"Spotify Web Helper"=C:\Users\Libor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-09-20 1529456]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-06-24 18385368]
"EPSON SX125 Series"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [2009-09-14 224768]
"OneDrive"=C:\Users\Libor\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-06-19 1628840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08 111120]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2012-07-02 491120]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SafeModeBlockNonAdmins"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-06-30 19:37:01 ----SHD---- C:\$RECYCLE.BIN
2018-06-30 19:30:09 ----A---- C:\WINDOWS\zoek-delete.exe
2018-06-30 19:30:08 ----D---- C:\WINDOWS\Temp
2018-06-30 18:33:43 ----D---- C:\zoek_backup
2018-06-29 21:05:13 ----D---- C:\rsit
2018-06-20 14:32:33 ----A---- C:\WINDOWS\system32\drivers\aswElam.sys
2018-06-20 14:31:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-06-15 19:08:37 ----D---- C:\WINDOWS\Minidump
2018-06-14 13:17:44 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-14 13:17:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-14 13:17:35 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-06-14 13:17:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-06-14 13:17:31 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2018-06-14 13:17:24 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-14 13:17:19 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-06-14 13:17:16 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-14 13:17:13 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-06-14 13:17:11 ----A---- C:\WINDOWS\system32\shell32.dll
2018-06-14 13:17:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-06-14 13:17:07 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-06-14 13:17:02 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-06-14 13:16:59 ----A---- C:\WINDOWS\system32\tquery.dll
2018-06-14 13:16:58 ----A---- C:\WINDOWS\system32\cdp.dll
2018-06-14 13:16:57 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-06-14 13:16:57 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-06-14 13:16:55 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-06-14 13:16:54 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-14 13:16:53 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-14 13:16:53 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-14 13:16:52 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-06-14 13:16:52 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-14 13:16:51 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2018-06-14 13:16:51 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-06-14 13:16:50 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-14 13:16:50 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2018-06-14 13:16:49 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-06-14 13:16:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-06-14 13:16:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-06-14 13:16:47 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2018-06-14 13:16:46 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2018-06-14 13:16:45 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-06-14 13:16:44 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-14 13:16:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-06-14 13:16:43 ----A---- C:\WINDOWS\system32\combase.dll
2018-06-14 13:16:42 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\OpcServices.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-14 13:16:41 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-06-14 13:16:40 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-06-14 13:16:39 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\system32\wpnapps.dll
2018-06-14 13:16:38 ----A---- C:\WINDOWS\system32\comsvcs.dll
2018-06-14 13:16:36 ----A---- C:\WINDOWS\system32\CoreShell.dll
2018-06-14 13:16:36 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-06-14 13:16:35 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2018-06-14 13:16:35 ----A---- C:\WINDOWS\system32\WMVCORE.DLL
2018-06-14 13:16:35 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\wininet.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-14 13:16:34 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-06-14 13:16:33 ----A---- C:\WINDOWS\system32\d2d1.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-06-14 13:16:32 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-14 13:16:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-06-14 13:16:30 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2018-06-14 13:16:29 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-06-14 13:16:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\system32\d3d9.dll
2018-06-14 13:16:28 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-14 13:16:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.dll
2018-06-14 13:16:27 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-14 13:16:26 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-06-14 13:16:26 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\system32\SndVolSSO.dll
2018-06-14 13:16:25 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-06-14 13:16:24 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2018-06-14 13:16:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-06-14 13:16:22 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-14 13:16:21 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\usocore.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2018-06-14 13:16:20 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-14 13:16:19 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-14 13:16:18 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-06-14 13:16:17 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\system32\mf.dll
2018-06-14 13:16:16 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-14 13:16:15 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\msftedit.dll
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-06-14 13:16:14 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\system32\ISM.dll
2018-06-14 13:16:13 ----A---- C:\WINDOWS\system32\dxgi.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\jscript.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-06-14 13:16:12 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\SYSWOW64\SndVolSSO.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-06-14 13:16:11 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-14 13:16:10 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-06-14 13:16:06 ----A---- C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-06-14 13:16:05 ----A---- C:\WINDOWS\system32\propsys.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\rpcss.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-06-14 13:16:04 ----A---- C:\WINDOWS\system32\gdi32full.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-14 13:16:03 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-06-14 13:16:02 ----A---- C:\WINDOWS\SYSWOW64\WMVCORE.DLL
2018-06-14 13:16:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-06-14 13:16:02 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\dui70.dll
2018-06-14 13:16:01 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2018-06-14 13:16:00 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2018-06-14 13:16:00 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-06-14 13:15:59 ----A---- C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\mfds.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\esent.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-14 13:15:58 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\WinTypes.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\winload.exe
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-14 13:15:57 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\webservices.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\SHCore.dll
2018-06-14 13:15:56 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-06-14 13:15:55 ----A---- C:\WINDOWS\system32\ci.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2018-06-14 13:15:54 ----A---- C:\WINDOWS\system32\winresume.exe
2018-06-14 13:15:53 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-14 13:15:53 ----A---- C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\ReAgent.dll
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-06-14 13:15:52 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\dui70.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-14 13:15:51 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\wevtutil.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\msdtctm.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-14 13:15:50 ----A---- C:\WINDOWS\system32\credprovs.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2018-06-14 13:15:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2018-06-14 13:15:48 ----A---- C:\WINDOWS\system32\DXP.dll
2018-06-14 13:15:46 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-06-14 13:15:45 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2018-06-14 13:15:45 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-06-14 13:15:44 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-06-14 13:15:43 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2018-06-14 13:15:43 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-06-14 13:15:43 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2018-06-14 13:15:42 ----A---- C:\WINDOWS\system32\rasplap.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\SYSWOW64\LanguageOverlayUtil.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\skci.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-06-14 13:15:41 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\vertdll.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\mfps.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-14 13:15:40 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\kernel.appcore.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\kernel.appcore.dll
2018-06-14 13:15:39 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-14 13:15:38 ----A---- C:\WINDOWS\system32\GenValObj.exe
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\uefi.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2018-06-14 13:15:36 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-06-14 13:15:35 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-06-14 13:15:35 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\mstsc.exe
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2018-06-14 13:15:34 ----A---- C:\WINDOWS\system32\ClipUp.exe
2018-06-14 13:15:33 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-06-14 13:15:33 ----A---- C:\WINDOWS\system32\bcrypt.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\Ucx01000.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-06-14 13:15:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-06-14 13:15:31 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-06-14 13:15:31 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-14 13:15:30 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\SYSWOW64\MSMPEG2ENC.DLL
2018-06-14 13:15:29 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-14 13:15:29 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-06-14 13:15:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\SYSWOW64\wevtutil.exe
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\easwrt.dll
2018-06-14 13:15:28 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\SYSWOW64\MSAC3ENC.DLL
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-14 13:15:27 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\srms-apr.dat
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\TDLMigration.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\srms-apr.dat
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\sppcext.dll
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\MDEServer.exe
2018-06-14 13:15:26 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\SYSWOW64\msdt.exe
2018-06-14 13:15:25 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-06-14 13:15:25 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-14 13:15:24 ----A---- C:\WINDOWS\system32\msdt.exe
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-06-14 13:15:23 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\MSHEIF.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\tbauth.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\SIHClient.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\msi.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\MSHEIF.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\GamePanel.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\edpnotify.exe
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-14 13:15:22 ----A---- C:\WINDOWS\system32\aadtb.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\tzres.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\drivers\mpsdrv.sys
2018-06-14 13:15:21 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-06 16:24:14 ----D---- C:\Program Files\Epic Games
2018-06-06 16:17:41 ----D---- C:\ProgramData\Epic

======List of files/folders modified in the last 1 month======

2018-06-30 20:49:55 ----D---- C:\Program Files\trend micro
2018-06-30 20:49:49 ----D---- C:\WINDOWS\Prefetch
2018-06-30 20:49:08 ----D---- C:\WINDOWS\system32\SleepStudy
2018-06-30 20:49:07 ----SHD---- C:\WINDOWS\Installer
2018-06-30 20:36:01 ----D---- C:\WINDOWS\system32\sru
2018-06-30 19:53:47 ----D---- C:\WINDOWS\system32\LogFiles
2018-06-30 19:52:07 ----RD---- C:\WINDOWS\Microsoft.NET
2018-06-30 19:51:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-06-30 19:47:00 ----D---- C:\AdwCleaner
2018-06-30 19:41:38 ----SHD---- C:\System Volume Information
2018-06-30 19:37:58 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-06-30 19:35:08 ----AD---- C:\Program Files (x86)\TeamViewer
2018-06-30 19:34:58 ----D---- C:\Windows
2018-06-30 19:18:25 ----D---- C:\WINDOWS\system32\Tasks
2018-06-30 19:18:22 ----RD---- C:\Program Files (x86)
2018-06-30 19:18:22 ----D---- C:\ProgramData
2018-06-30 18:46:25 ----D---- C:\Program Files (x86)\Common Files
2018-06-30 18:41:48 ----D---- C:\WINDOWS\system32\drivers\etc
2018-06-30 18:33:45 ----D---- C:\WINDOWS\SysWOW64
2018-06-29 22:17:33 ----D---- C:\WINDOWS\INF
2018-06-29 19:57:18 ----D---- C:\WINDOWS\debug
2018-06-29 19:39:54 ----D---- C:\Users\Libor\AppData\Roaming\uTorrent
2018-06-29 19:39:54 ----D---- C:\Users\Libor\AppData\Roaming\TeamViewer
2018-06-29 19:39:34 ----DC---- C:\WINDOWS\Panther
2018-06-29 19:36:21 ----D---- C:\ProgramData\Origin
2018-06-29 19:35:08 ----RD---- C:\WINDOWS\assembly
2018-06-29 19:34:24 ----RSD---- C:\WINDOWS\Fonts
2018-06-29 19:28:17 ----D---- C:\WINDOWS\AppReadiness
2018-06-29 19:28:16 ----HD---- C:\Program Files\WindowsApps
2018-06-29 19:22:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-29 18:25:25 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-06-29 17:28:22 ----D---- C:\Users\Libor\AppData\Roaming\Skype
2018-06-28 18:51:49 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2018-06-28 18:51:24 ----D---- C:\Program Files (x86)\Java
2018-06-28 18:50:52 ----D---- C:\Program Files\WinRAR
2018-06-28 18:35:40 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2018-06-27 10:43:33 ----D---- C:\WINDOWS\Logs
2018-06-24 11:19:40 ----D---- C:\WINDOWS\system32\WDI
2018-06-24 11:11:52 ----D---- C:\Program Files\TrueKey
2018-06-24 11:09:06 ----D---- C:\Users\Libor\AppData\Roaming\Seznam.cz
2018-06-24 11:06:53 ----D---- C:\WINDOWS\system32\config
2018-06-24 11:06:18 ----AD---- C:\Program Files (x86)\ffDiaporama
2018-06-21 11:03:03 ----D---- C:\Program Files\Common Files\AV
2018-06-20 19:09:23 ----D---- C:\WINDOWS\System32
2018-06-20 19:09:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-20 19:02:26 ----D---- C:\WINDOWS\system32\drivers
2018-06-20 19:01:21 ----D---- C:\WINDOWS\system32\CatRoot
2018-06-20 18:59:42 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-06-20 14:31:52 ----HD---- C:\WINDOWS\ELAMBKUP
2018-06-15 14:31:53 ----D---- C:\WINDOWS\WinSxS
2018-06-14 17:43:13 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-14 17:40:59 ----D---- C:\WINDOWS\system32\catroot2
2018-06-14 17:39:12 ----D---- C:\WINDOWS\TextInput
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\setup
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\oobe
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2018-06-14 17:39:12 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\zu-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\yo-NG
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\xh-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\wo-SN
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\tn-ZA
2018-06-14 17:39:08 ----D---- C:\WINDOWS\system32\ti-ET
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\setup
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\rw-RW
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\oobe
2018-06-14 17:39:07 ----D---- C:\WINDOWS\system32\nso-ZA
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ig-NG
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\chr-CHER-US
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\en-US
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\Dism
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\cs-CZ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\Boot
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2018-06-14 17:39:05 ----D---- C:\WINDOWS\system32\appraiser
2018-06-14 17:39:02 ----D---- C:\WINDOWS\ShellExperiences
2018-06-14 17:38:59 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-06-14 17:38:59 ----D---- C:\WINDOWS\bcastdvr
2018-06-14 17:38:59 ----D---- C:\WINDOWS\apppatch
2018-06-14 17:38:59 ----D---- C:\Program Files\Windows Photo Viewer
2018-06-14 17:38:59 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-06-14 13:34:06 ----D---- C:\WINDOWS\system32\MRT
2018-06-14 13:26:59 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-14 13:26:49 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-06-14 13:26:33 ----D---- C:\WINDOWS\CbsTemp
2018-06-07 16:10:45 ----D---- C:\WINDOWS\system32\Macromed
2018-06-06 18:38:47 ----D---- C:\Users\Libor\AppData\Roaming\.minecraft
2018-06-06 16:24:14 ----RD---- C:\Program Files
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-06-20 201328]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-06-20 346664]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-06-20 59592]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-06-20 85968]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-06-20 381584]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-04-12 58272]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-06-20 197160]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-06-20 229392]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-06-20 239680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-06-20 111872]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-06-20 1027728]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-06-20 463080]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2012-06-25 92536]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-06-20 159640]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-06-20 211160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-04-12 414208]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-04-12 43520]
R3 dot4;@oem0.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2013-06-04 146856]
R3 Dot4Print;@oem44.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2013-06-04 21928]
R3 dot4usb;@oem0.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2013-06-04 43944]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-01 3564376]
R3 iwdbus;@oem64.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2018-04-12 121344]
R3 MarvinBus;@oem10.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\WINDOWS\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;@oem33.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-18 62784]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-04-12 128416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2018-06-20 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-06-20 46976]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-04-12 92056]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-04-12 73632]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 Impcd;Impcd; C:\WINDOWS\System32\drivers\Impcd.sys [2012-08-29 158976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-08 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-04-12 57752]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-06-20 322464]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_3ee1d;Uživatelská služba platformy připojených zařízení_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 OneSyncSvc_3ee1d;Hostitel synchronizace_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-01 246488]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [2014-11-26 118576]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-04-12 761440]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R2 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-06-20 7780400]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_3ee1d;Data kontaktů_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-08 164984]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MessagingService_3ee1d;Služba zasílání zpráv_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-08 164984]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BcastDVRUserService_3ee1d;Uživatelská služba pro GameDVR a vysílání her_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_3ee1d;Služba pro podporu uživatelů Bluetooth_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_3ee1d;DevicePicker_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_3ee1d;Tok zařízení_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-04-12 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-20 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-29 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_3ee1d;PrintWorkflow_3ee1d; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 976384]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 118194
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Pop-up windows

#14 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

liboreks
Visitor
Visitor
Posts: 155
Joined: 30 Oct 2011 10:22

Re: Pop-up windows

#15 Post by liboreks »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 30.06.18
Čas skenování: 22:04
Logovací soubor: c0cedf66-7ca0-11e8-b938-7054d252b8ba.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.374
Aktualizovat verzi balíku komponent: 1.0.5705
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 17134.112)
CPU: x64
Systém souborů: NTFS
Uživatel: PC_SLAVNET\Libor

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 354979
Zjištěné hrozby: 119
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 8 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 10
PUP.Optional.FreeHDSportTV, HKLM\SOFTWARE\WOW6432NODE\FreeHDSport TV V6.0, Žádná uživatelská akce, [2073], [238518],1.0.5705
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{10814C74-C194-D2B1-20CA-DBF33C4CC421}, Žádná uživatelská akce, [14201], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CC11D7C-6E17-4E80-8E56-442803E97922}, Žádná uživatelská akce, [14201], [-1],0.0.0
Trojan.StartPage.BatBitRst, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CC11D7C-6E17-4E80-8E56-442803E97922}, Žádná uživatelská akce, [14201], [-1],0.0.0
Adware.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{3FCBD6B6-5835-C5AA-028F-E6BC654A979D}, Žádná uživatelská akce, [6058], [536694],1.0.5705
Adware.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3B2162FA-D9F8-49EE-A829-D1396E909BAA}, Žádná uživatelská akce, [6058], [536694],1.0.5705
Adware.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{3B2162FA-D9F8-49EE-A829-D1396E909BAA}, Žádná uživatelská akce, [6058], [536694],1.0.5705
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\{893E3F19-AEA3-120D-7BC5-F47E9EFD6278}, Žádná uživatelská akce, [14201], [528272],1.0.5705
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9DB3DCA7-B27E-4FD1-8BF2-49532FE8CFBE}, Žádná uživatelská akce, [14201], [528272],1.0.5705
Trojan.StartPage.BatBitRst, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{9DB3DCA7-B27E-4FD1-8BF2-49532FE8CFBE}, Žádná uživatelská akce, [14201], [528272],1.0.5705

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 47
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_CN, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_TW, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\LIBOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMMHKKEGCCAGDLDGIIMEDPICCMGMIEDA, Žádná uživatelská akce, [14335], [443226],1.0.5705

Soubor: 62
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\LIBOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\USERS\LIBOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMMHKKEGCCAGDLDGIIMEDPICCMGMIEDA\0.1.0.0_0\MANIFEST.JSON, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css\craw_window.css, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html\craw_window.html, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\flapper.gif, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_128.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_16.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_close.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_hover.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_maximize.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_pressed.png, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
PUP.Optional.ModifiedHijackedExtension.Generic, C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru\messages.json, Žádná uživatelská akce, [14335], [443226],1.0.5705
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{10814C74-C194-D2B1-20CA-DBF33C4CC421}, Žádná uživatelská akce, [14201], [528272],1.0.5705
Adware.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{3FCBD6B6-5835-C5AA-028F-E6BC654A979D}, Žádná uživatelská akce, [6058], [536694],1.0.5705
Trojan.StartPage.BatBitRst, C:\WINDOWS\SYSTEM32\TASKS\{893E3F19-AEA3-120D-7BC5-F47E9EFD6278}, Žádná uživatelská akce, [14201], [528272],1.0.5705
Generic.Malware/Suspicious, C:\USERS\LIBOR\DESKTOP\ZOEK.EXE, Žádná uživatelská akce, [0], [392686],1.0.5705
PUP.Optional.OpenCandy, C:\USERS\LIBOR\DOWNLOADS\DTLITE4481-0347.EXE, Žádná uživatelská akce, [1032], [297667],1.0.5705
Generic.Malware/Suspicious, C:\USERS\LIBOR\DOWNLOADS\FREEMAKEVIDEOCONVERTER-SETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.5705
PUP.Optional.InstallCore, C:\USERS\LIBOR\DOWNLOADS\WINZIP18-FIREDRIVE-2.EXE, Žádná uživatelská akce, [393], [278236],1.0.5705

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
