PC virus removal, computer speed-up, and remote help through the neslape.cz service

Viruses in e-mail

Paphio
Visitor
Posts: 25
Registered: 05 Sep 2010 13:20

#1 Post by Paphio »

Hello, I have 2 suspicious things:
1) After I sent an e-mail in Mozilla Thunderbird, the message appeared twice in the Sent folder, the second time with altered characters: some letters capitalized, some unknown characters.
2) Some time ago it happened that an e-mail from abroad was not in Mozilla, but I found it in the Seznam e-mail. When I want to look there again once in a while, it reports "Wrong password". A mistake in the password is ruled out. Thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2018-07-06 10:34:45
Microsoft Windows 10 Home
System drive C: has 905 GB (95%) free of 953 GB
Total RAM: 3286 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:34:46, on 06.07.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0371)
Boot mode: Normal

Running processes:
C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://muj.erasvet.cz/prihlaseni
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{27d4522e-fac3-4cd4-9daa-774f4954d6b5}: NameServer = 192.168.2.1,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{27d4522e-fac3-4cd4-9daa-774f4954d6b5}: NameServer = 192.168.2.1,8.8.8.8
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\Windows\system32\xbgmsvc.exe (file missing)

--
End of file - 9051 bytes

======Listing Processes======








C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-97bf1b7a-6cf3-404c-81eb-6195db679709 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-abe943a7-bb42-4cb8-a7fc-9feaea9ec33e -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-11cd068b-bfb4-4666-8ea3-41bb4d384141 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-536cc90c-c6cd-4ff2-8b0a-c048a3427053 -LifetimeId:38c85a4c-ec6a-4c0a-8bae-a26650860add -DeviceGroupId:WpdFsGroup

C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k appmodel -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k NetworkService -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
dashost.exe {b6e00db4-22e8-4b45-adcbaa1dd92defad}
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
szndesktop.exe default start
"C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\rempl\sedsvc.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2296.0.2035046327\1944950842" -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Uzivatel\AppData\LocalLow\Mozilla\Temp-{46cad44f-408e-4aa6-946d-5794e2083eaa}" 2296 "\\.\pipe\gecko-crash-server-pipe.2296" 1464 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2296.3.851922453\518394447" -childID 1 -isForBrowser -prefsHandle 1900 -prefsLen 13374 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2296 "\\.\pipe\gecko-crash-server-pipe.2296" 1892 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2296.12.1934672900\255147525" -childID 2 -isForBrowser -prefsHandle 2172 -prefsLen 13374 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2296 "\\.\pipe\gecko-crash-server-pipe.2296" 2184 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2296.27.508911239\1922661497" -childID 4 -isForBrowser -prefsHandle 4092 -prefsLen 17206 -schedulerPrefs 0001,2 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 2296 "\\.\pipe\gecko-crash-server-pipe.2296" 4100 tab
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.89 --initial-client-data=0x1d0,0x1d4,0x1d8,0x1cc,0x1dc,0x7ff9637d27e8,0x7ff9637d27a8,0x7ff9637d27b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5284 --on-initialized-event-handle=628 --parent-handle=632 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360,17442036997338610929,3974642996373274418,131072 --service-pipe-token=9DC54420D4D8EF8B0A26C2D6C9BA0375 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=9DC54420D4D8EF8B0A26C2D6C9BA0375 --renderer-client-id=4 --mojo-platform-channel-handle=3184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360,17442036997338610929,3974642996373274418,131072 --service-pipe-token=0B474FDA35C5436FA935BD7713ECDFD4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=0B474FDA35C5436FA935BD7713ECDFD4 --renderer-client-id=7 --mojo-platform-channel-handle=4312 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1360,17442036997338610929,3974642996373274418,131072 --gpu-vendor-id=0x1002 --gpu-device-id=0x9996 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --gpu-driver-date=11-4-2015 --service-request-channel-token=A0E5A9886E32A2D67E5C36EE8A72622A --mojo-platform-channel-handle=4816 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\AUDIODG.EXE 0x4a8
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Uzivatel\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\fi3pfxjh.default

prefs.js - "browser.startup.homepage" - "https://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.151.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.151.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-04-21 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-07 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-04-21 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-07 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-07 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-07 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2017-08-13 163640]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-04-30 178496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2017-03-23 2133216]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-06 09:46:54 ----D---- C:\Program Files\trend micro
2018-07-06 09:46:53 ----D---- C:\rsit
2018-07-06 09:13:01 ----D---- C:\Program Files\rempl
2018-07-03 15:23:40 ----ASH---- C:\swapfile.sys
2018-07-03 15:23:40 ----ASH---- C:\pagefile.sys
2018-07-03 15:23:39 ----ASH---- C:\hiberfil.sys
2018-07-02 09:54:04 ----D---- C:\Windows.old
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\epfw.sys
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\ekbdflt.sys
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\eelam.sys
2018-07-01 17:23:14 ----A---- C:\Windows\system32\drivers\edevmon.sys

======List of files/folders modified in the last 1 month======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2017-09-29 97312]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2017-09-29 140696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_37c82;Uživatelská služba platformy připojených zařízení_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-12-12 3058392]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-04-30 2240264]
R2 OneSyncSvc_37c82;Hostitel synchronizace_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2018-03-01 519152]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2018-06-28 135816]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2017-08-29 10803440]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_37c82;Data kontaktů_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R3 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_37c82;Tok zařízení_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-05-03 86016]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_37c82;Služba zasílání zpráv_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-04-10 160960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_37c82;PrintWorkflow_37c82; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2018-06-08 956416]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\Windows\system32\TieringEngineService.exe [2017-09-29 302592]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-16 255472]
S4 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-04 351944]
S4 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07 153168]
S4 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07 153168]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-07-05 194512]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2017-09-29 48688]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\Windows\system32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in the mail

#2 Post by Rudy »

Hello!
It does not have to be a virus; it may be (re 1) an encoding problem, and (re 2) someone may have hacked your mail account. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in the mail

#3 Post by Paphio »

IT PROBABLY FOUND NOTHING:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-06-2018
# Duration: 00:00:11
# OS: Windows 10 Home
# Scanned: 41365
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in the mail

#4 Post by Rudy »

It didn't. Now post an FRST log: http://forum.viry.cz/viewtopic.php?f=24&t=132509 , and we will at least remove the unnecessary items.

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in the mail

#5 Post by Paphio »

Thank you. I have both on the desktop; the warning came not from the antivirus but from Mozilla. Running FRSTLauncher is not clear to me; the part "If you are using Win Vista or W7" confuses me. I have Win 10.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in the mail

#6 Post by Rudy »

Then that does not apply to you. If it doesn't work, use the regular FRST: https://www.bleepingcomputer.com/downlo ... scan-tool/ .

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in the mail

#7 Post by Paphio »

Thank you. What should I do with this?
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Uzivatel (06-07-2018 20:38:13)
Running from C:\Users\Uzivatel\Downloads
Windows 10 Home Version 1709 16299.522 (X64) (2017-11-07 19:18:35)
Boot Mode: Normal

System Error:
Přístup byl odepřen.
.

Error: (07/01/2018 07:00:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/29/2018 07:16:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/21/2018 03:08:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/13/2018 11:41:35 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Filtr událostí s dotazem //./root nebylo možné znovu aktivovat v oboru názvů select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration', protože došlo k chybě 0x80041033. Dokud nebude problém odstraněn, nebude možné události doručovat přes tento filtr.

Error: (06/13/2018 07:52:27 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (06/13/2018 07:39:36 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (06/07/2018 07:20:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (07/06/2018 07:39:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3LHP2J0)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3LHP2J0\Uzivatel (SID: S-1-5-21-1506879025-1754585261-3082722204-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 05:03:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3LHP2J0)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3LHP2J0\Uzivatel (SID: S-1-5-21-1506879025-1754585261-3082722204-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-01-26 17:08:11.352
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:11.351
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 118.1.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14202.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.890
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

==================== Memory info ===========================

Processor: AMD A6-6400K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 59%
Total physical RAM: 3285.52 MB
Available physical RAM: 1323.27 MB
Total Virtual: 3861.52 MB
Available Virtual: 1411.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:882.87 GB) NTFS
Drive f: (CORSAIR) (Removable) (Total:3.81 GB) (Free:0.52 GB) FAT32

\\?\Volume{a0e5151b-031c-4193-8c3a-42c5d846a431}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{ada34b3b-185a-4f65-8ad4-a63759f7c05f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4880C8A5)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 1680206B)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Uzivatel (06-07-2018 20:38:13)
Running from C:\Users\Uzivatel\Downloads
Windows 10 Home Version 1709 16299.522 (X64) (2017-11-07 19:18:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1506879025-1754585261-3082722204-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1506879025-1754585261-3082722204-503 - Limited - Disabled)
Guest (S-1-5-21-1506879025-1754585261-3082722204-501 - Limited - Disabled)
Uzivatel (S-1-5-21-1506879025-1754585261-3082722204-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-1506879025-1754585261-3082722204-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Security (HKLM\...\{F6EFF0FC-2E8F-4BA6-93BC-DEFD0AD5D8C6}) (Version: 11.0.144.0 - ESET, spol. s r.o.)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\{4F89919A-C57A-3F78-8057-9F0AF0CDD4D5}) (Version: 62.0.3202.89 - Google, Inc.)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Lingea Lexicon 2000 (HKLM-x32\...\Lexicon 3.0) (Version: - )
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.5031.1000 - Microsoft Corporation)
Microsoft Office 2013 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 15.0.5031.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.1 (x64 cs)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Thunderbird 52.9.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.9.0 (x86 cs)) (Version: 52.9.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5031.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5031.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5031.1000 - Microsoft Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Seznam Software (HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.10 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8CFAB044-7D2E-4655-B86D-99932E988980}) (Version: 2.45.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-30] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-30] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-04-30] (ESET)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17C662C0-29F3-4563-AAB3-7D9E10AC6A1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
Task: {18C00CC6-673A-42B8-B98F-C8D08F767C85} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {3D321BEB-5354-410B-A5CB-65EFF0E39BDE} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2018-06-28] (Microsoft Corporation)
Task: {584F7289-3A21-4A26-91BD-CAD4EFBBA0FB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {58855515-EF15-46A9-B7BE-3D9B53C05713} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {68BDACAC-1724-4B56-86EC-571C09F6D5C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
Task: {8CD771C4-B781-478F-8A44-4A381E2EB1BE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {F35355E7-E284-4C88-907F-60842F3737AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2017-11-09 15:45 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2018-04-05 16:52 - 2017-11-13 16:46 - 000092368 _____ () C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\16133libfoxloader-x64.dll
2018-06-23 14:07 - 2018-06-13 23:05 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-10 12:07 - 2017-11-13 16:38 - 000506064 _____ () C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2018-02-10 12:07 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2015-11-04 17:43 - 2015-11-04 17:43 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-06-21 09:02 - 2018-06-21 09:02 - 000093696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-21 09:02 - 2018-06-21 09:02 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-21 09:02 - 2018-06-21 09:02 - 007813632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-06-29 06:15 - 2018-06-29 06:18 - 001281640 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-02-10 12:07 - 2018-02-21 11:36 - 000869584 _____ () C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2018-02-10 12:07 - 2017-11-13 16:49 - 000085200 _____ () C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\27058libfoxloader.dll
2018-02-10 12:06 - 2017-03-23 10:49 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-02-10 12:06 - 2016-07-21 11:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\Pictures\Orchideje\křížení\L. grandis x Schomburglia tibicinis\grandis x tibicinis.JPG
DNS Servers: 192.168.2.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== Event log errors: =========================


System errors:
=============
Error: (07/06/2018 07:39:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3LHP2J0)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3LHP2J0\Uzivatel (SID: S-1-5-21-1506879025-1754585261-3082722204-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 05:03:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-3LHP2J0)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-3LHP2J0\Uzivatel (SID: S-1-5-21-1506879025-1754585261-3082722204-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2018 04:40:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-01-26 17:08:11.352
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:11.351
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 118.1.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.14202.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.890
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

Date: 2018-01-26 17:08:10.889
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.257.201.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14306.0
Kód chyby: 0x800704e8
Popis chyby :Vzdálený systém není k dispozici. Informace týkající se řešení potíží se sítěmi naleznete v Nápovědě systému Windows.

==================== Memory info ===========================

Processor: AMD A6-6400K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 59%
Total physical RAM: 3285.52 MB
Available physical RAM: 1323.27 MB
Total Virtual: 3861.52 MB
Available Virtual: 1411.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:882.87 GB) NTFS
Drive f: (CORSAIR) (Removable) (Total:3.81 GB) (Free:0.52 GB) FAT32

\\?\Volume{a0e5151b-031c-4193-8c3a-42c5d846a431}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{ada34b3b-185a-4f65-8ad4-a63759f7c05f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4880C8A5)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 1680206B)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== End of Addition.txt ============================

Rudy
Site Admin
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in the mail

#8 Post by Rudy »

Addition is in there twice. I still need to see the contents of the frst.txt file so that I can put together a removal script.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Paphio
Visitor
Visitor
Posts: 25
Registered: 05 Sep 2010 13:20

Re: viruses in the mail

#9 Post by Paphio »

Thanks:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Uzivatel (administrator) on DESKTOP-3LHP2J0 (06-07-2018 20:37:14)
Running from C:\Users\Uzivatel\Downloads
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Platform: Windows 10 Home Version 1709 16299.522 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11805.1001.42.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.21365.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-30] (ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\MountPoints2: {2cf00a72-c3fd-11e7-872c-448a5b2d2007} - "G:\setup.EXE" /AUTORUN
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\MountPoints2: {d1f083b4-c3ef-11e7-872a-806e6f6e6963} - "E:\setup.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{27d4522e-fac3-4cd4-9daa-774f4954d6b5}: [NameServer] 192.168.2.1,8.8.8.8
Tcpip\..\Interfaces\{3157207d-1ab6-413d-960d-a746955f4558}: [DhcpNameServer] 188.122.222.222 188.122.222.223 8.8.8.8 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://muj.erasvet.cz/prihlaseni
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {21E1C605-7424-45F5-B030-1CD9B3862544} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {3100E3A0-5763-43B5-A057-93BBEF3CEB02} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {51191E20-EBF5-48AB-AB4A-6D4131D3F4E6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {61D6CC55-E2CB-48F1-8F66-919361075E6B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {6FF24258-A059-4972-897A-2C348A3B45D9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {AC80989C-92BF-49DD-9F2B-3F4FD28DE8DB} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {BEE4453D-5B21-44BC-B550-B617595784DE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {D7562166-3590-4BF7-881E-EA813D84F53B} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1506879025-1754585261-3082722204-1001 -> {FA820DE7-CA50-47DE-B7A8-4FB2867E2795} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-07] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-04-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-07] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-11-09] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: fi3pfxjh.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\fi3pfxjh.default [2018-07-06]
FF Homepage: Mozilla\Firefox\Profiles\fi3pfxjh.default -> hxxps://www.google.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\fi3pfxjh.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\fi3pfxjh.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-05-04]
FF Extension: (Seznam doplněk - Email) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\fi3pfxjh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-05-04]
FF Extension: (No Name) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\fi3pfxjh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-06] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-07] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-11-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.cz/
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/html/newTab.html"
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2018-07-06]
CHR Extension: (Prezentace) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-07]
CHR Extension: (Dokumenty) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07]
CHR Extension: (Disk Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-07]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-06]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-07]
CHR Extension: (Tabulky) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-06]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-25]
CHR HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-30] (ESET)
R2 osrss; C:\Windows\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [135816 2018-06-28] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2017-10-22] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [110088 2016-12-12] (Advanced Micro Devices)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-05] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [110432 2018-04-05] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-04-05] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50136 2018-04-05] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82816 2018-04-05] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-04-05] (ESET)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-06 20:37 - 2018-07-06 20:37 - 000016153 _____ C:\Users\Uzivatel\Downloads\FRST.txt
2018-07-06 20:37 - 2018-07-06 20:37 - 000000000 ____D C:\FRST
2018-07-06 20:35 - 2018-07-06 20:35 - 002412544 _____ (Farbar) C:\Users\Uzivatel\Downloads\FRST64.exe
2018-07-06 16:34 - 2018-07-06 16:35 - 000000000 ____D C:\AdwCleaner
2018-07-06 13:23 - 2018-07-06 13:23 - 007402192 _____ (Malwarebytes) C:\Users\Uzivatel\Downloads\adwcleaner_7.2.1 (1).exe
2018-07-06 13:22 - 2018-07-06 13:22 - 007402192 _____ (Malwarebytes) C:\Users\Uzivatel\Downloads\adwcleaner_7.2.1.exe
2018-07-06 09:46 - 2018-07-06 10:34 - 000000000 ____D C:\Program Files\trend micro
2018-07-06 09:46 - 2018-07-06 09:47 - 000000000 ____D C:\rsit
2018-07-06 09:13 - 2018-07-06 09:13 - 000000000 ____D C:\Program Files\rempl
2018-07-02 09:54 - 2018-07-02 09:54 - 000000000 ____D C:\Windows.old
2018-07-01 17:23 - 2018-04-05 08:37 - 000196112 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-07-01 17:23 - 2018-04-05 08:37 - 000137928 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-07-01 17:23 - 2018-04-05 08:37 - 000110432 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2018-07-01 17:23 - 2018-04-05 08:37 - 000108320 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2018-07-01 17:23 - 2018-04-05 08:37 - 000082816 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2018-07-01 17:23 - 2018-04-05 08:37 - 000050136 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2018-07-01 17:23 - 2018-02-19 12:14 - 000015872 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2018-06-30 15:21 - 2018-06-30 15:21 - 000001070 _____ C:\Users\Uzivatel\Desktop\Primärhybriden – zástupce.lnk
2018-06-23 14:12 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\Windows\system32\osrss.dll
2018-06-23 14:08 - 2018-06-14 00:39 - 001206680 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-06-23 14:08 - 2018-06-14 00:39 - 001056152 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-06-23 14:08 - 2018-06-14 00:38 - 005859248 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-06-23 14:08 - 2018-06-14 00:38 - 002002336 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-06-23 14:08 - 2018-06-14 00:38 - 000077240 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-06-23 14:08 - 2018-06-14 00:36 - 008629152 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-23 14:08 - 2018-06-14 00:36 - 000137624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-23 14:08 - 2018-06-14 00:35 - 002395544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-23 14:08 - 2018-06-14 00:31 - 007671696 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-06-23 14:08 - 2018-06-14 00:31 - 000979864 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-06-23 14:08 - 2018-06-14 00:31 - 000491264 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2018-06-23 14:08 - 2018-06-14 00:28 - 000555928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-06-23 14:08 - 2018-06-14 00:28 - 000362904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-06-23 14:08 - 2018-06-14 00:27 - 001779936 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-06-23 14:08 - 2018-06-14 00:25 - 002773408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-06-23 14:08 - 2018-06-13 23:46 - 000422592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2018-06-23 14:08 - 2018-06-13 23:44 - 006086960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-06-23 14:08 - 2018-06-13 23:44 - 000747928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-06-23 14:08 - 2018-06-13 23:41 - 001525288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-06-23 14:08 - 2018-06-13 23:30 - 025256448 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-06-23 14:08 - 2018-06-13 23:24 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-06-23 14:08 - 2018-06-13 23:24 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-06-23 14:08 - 2018-06-13 23:21 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-06-23 14:08 - 2018-06-13 23:21 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-06-23 14:08 - 2018-06-13 23:19 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-06-23 14:08 - 2018-06-13 23:17 - 019358720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-23 14:08 - 2018-06-13 23:17 - 003663360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-06-23 14:08 - 2018-06-13 23:16 - 012730368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-06-23 14:08 - 2018-06-13 23:16 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-06-23 14:08 - 2018-06-13 23:14 - 006060032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-06-23 14:08 - 2018-06-13 23:14 - 002464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-23 14:08 - 2018-06-13 23:14 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-06-23 14:08 - 2018-06-13 23:14 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-06-23 14:08 - 2018-06-13 23:13 - 007812608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-06-23 14:08 - 2018-06-13 23:13 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-06-23 14:08 - 2018-06-13 23:13 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-06-23 14:08 - 2018-06-13 23:13 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-06-23 14:08 - 2018-06-13 23:12 - 002577920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-06-23 14:08 - 2018-06-13 23:12 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-06-23 14:08 - 2018-06-13 23:11 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-06-23 14:08 - 2018-06-13 23:07 - 023678464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-23 14:08 - 2018-06-13 23:07 - 013712896 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-06-23 14:08 - 2018-06-13 23:07 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-06-23 14:08 - 2018-06-13 23:06 - 000892928 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-06-23 14:08 - 2018-06-13 23:05 - 008068608 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-06-23 14:08 - 2018-06-13 23:04 - 008432640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-06-23 14:08 - 2018-06-13 23:03 - 003161088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-06-23 14:08 - 2018-06-13 23:03 - 002857984 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 003126272 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 002786304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 002633216 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 002528768 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-06-23 14:08 - 2018-06-13 23:02 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-06-23 14:08 - 2018-06-13 23:01 - 001760768 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2018-06-23 14:08 - 2018-06-13 23:01 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-06-23 14:08 - 2018-06-13 23:00 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-23 14:08 - 2018-06-13 22:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-06-23 14:07 - 2018-06-14 00:41 - 001568160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-06-23 14:07 - 2018-06-14 00:41 - 001093040 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-23 14:07 - 2018-06-14 00:41 - 000925672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-06-23 14:07 - 2018-06-14 00:41 - 000137112 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-06-23 14:07 - 2018-06-14 00:40 - 000423320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-06-23 14:07 - 2018-06-14 00:40 - 000300448 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-06-23 14:07 - 2018-06-14 00:40 - 000069528 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-06-23 14:07 - 2018-06-14 00:39 - 000748472 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-06-23 14:07 - 2018-06-14 00:39 - 000608152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-06-23 14:07 - 2018-06-14 00:39 - 000035224 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-06-23 14:07 - 2018-06-14 00:38 - 001133880 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2018-06-23 14:07 - 2018-06-14 00:38 - 000664984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-06-23 14:07 - 2018-06-14 00:38 - 000479920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-06-23 14:07 - 2018-06-14 00:38 - 000461216 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-06-23 14:07 - 2018-06-14 00:38 - 000272288 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-06-23 14:07 - 2018-06-14 00:35 - 001416864 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-23 14:07 - 2018-06-14 00:35 - 001210784 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-23 14:07 - 2018-06-14 00:35 - 001002048 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-06-23 14:07 - 2018-06-14 00:35 - 000453024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-06-23 14:07 - 2018-06-14 00:33 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-06-23 14:07 - 2018-06-14 00:32 - 000130600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2018-06-23 14:07 - 2018-06-14 00:31 - 000525728 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-23 14:07 - 2018-06-14 00:29 - 000705944 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-23 14:07 - 2018-06-14 00:29 - 000671024 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2018-06-23 14:07 - 2018-06-14 00:29 - 000225696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ucx01000.sys
2018-06-23 14:07 - 2018-06-14 00:28 - 000688576 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2018-06-23 14:07 - 2018-06-14 00:26 - 001084736 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2018-06-23 14:07 - 2018-06-14 00:26 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2018-06-23 14:07 - 2018-06-14 00:25 - 000628632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2018-06-23 14:07 - 2018-06-14 00:24 - 000057464 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-23 14:07 - 2018-06-13 23:54 - 001383784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2018-06-23 14:07 - 2018-06-13 23:54 - 000212896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-06-23 14:07 - 2018-06-13 23:50 - 001145104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-06-23 14:07 - 2018-06-13 23:44 - 000592800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-23 14:07 - 2018-06-13 23:44 - 000550176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2018-06-23 14:07 - 2018-06-13 23:42 - 000544432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2018-06-23 14:07 - 2018-06-13 23:41 - 001033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2018-06-23 14:07 - 2018-06-13 23:39 - 000505160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2018-06-23 14:07 - 2018-06-13 23:39 - 000251096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2018-06-23 14:07 - 2018-06-13 23:24 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2018-06-23 14:07 - 2018-06-13 23:21 - 000136704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSOpusDecoder.dll
2018-06-23 14:07 - 2018-06-13 23:20 - 008962560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-06-23 14:07 - 2018-06-13 23:19 - 000102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2018-06-23 14:07 - 2018-06-13 23:18 - 018930688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-06-23 14:07 - 2018-06-13 23:17 - 000098304 _____ C:\Windows\system32\runexehelper.exe
2018-06-23 14:07 - 2018-06-13 23:16 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2018-06-23 14:07 - 2018-06-13 23:16 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2018-06-23 14:07 - 2018-06-13 23:15 - 001508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2018-06-23 14:07 - 2018-06-13 23:13 - 000955392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2018-06-23 14:07 - 2018-06-13 23:13 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-06-23 14:07 - 2018-06-13 23:12 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll
2018-06-23 14:07 - 2018-06-13 23:12 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2018-06-23 14:07 - 2018-06-13 23:12 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\MSOpusDecoder.dll
2018-06-23 14:07 - 2018-06-13 23:11 - 008962560 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-06-23 14:07 - 2018-06-13 23:11 - 000975360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2018-06-23 14:07 - 2018-06-13 23:11 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-23 14:07 - 2018-06-13 23:10 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-06-23 14:07 - 2018-06-13 23:07 - 001495552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-06-23 14:07 - 2018-06-13 23:05 - 001238016 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2018-06-23 14:07 - 2018-06-13 23:04 - 003180544 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-06-23 14:07 - 2018-06-13 23:04 - 002212352 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-06-23 14:07 - 2018-06-13 23:03 - 001607168 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-06-23 14:07 - 2018-06-13 23:01 - 001249792 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2018-06-23 14:07 - 2018-06-13 23:01 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-06-23 14:07 - 2018-06-13 23:01 - 000565248 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2018-06-23 14:07 - 2018-06-13 22:58 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2018-06-23 14:07 - 2018-06-13 22:57 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-06-23 14:07 - 2018-06-13 22:57 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-06-23 14:07 - 2018-06-13 20:19 - 004171264 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2018-06-23 14:07 - 2018-06-13 20:18 - 004876800 _____ (Gracenote, Inc.) C:\Windows\system32\gnsdk_fp.dll
2018-06-21 09:04 - 2018-06-21 09:04 - 000000000 ____D C:\ProgramData\Packages
2018-06-17 07:17 - 2018-06-17 07:17 - 000000976 _____ C:\Users\Uzivatel\Desktop\SEVY – zástupce.lnk
2018-06-17 07:16 - 2018-06-17 07:16 - 000000996 _____ C:\Users\Uzivatel\Desktop\sbírka – zástupce.lnk
2018-06-13 07:41 - 2018-06-08 09:32 - 001638432 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2018-06-13 07:41 - 2018-06-08 09:32 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2018-06-13 07:41 - 2018-06-08 09:30 - 001953544 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 07:41 - 2018-06-08 09:27 - 000377760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-06-13 07:41 - 2018-06-08 09:24 - 003009736 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-06-13 07:41 - 2018-06-08 09:24 - 002711248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 07:41 - 2018-06-08 09:22 - 001269640 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-06-13 07:41 - 2018-06-08 09:22 - 000093624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-06-13 07:41 - 2018-06-08 09:21 - 000594080 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 07:41 - 2018-06-08 08:21 - 001931256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 07:41 - 2018-06-08 08:21 - 001614168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 07:41 - 2018-06-08 08:21 - 000777912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 07:41 - 2018-06-08 08:19 - 001433360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2018-06-13 07:41 - 2018-06-08 08:18 - 000097160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 07:41 - 2018-06-08 08:10 - 002338272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-06-13 07:41 - 2018-06-08 08:09 - 017161216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-06-13 07:41 - 2018-06-08 08:09 - 002193688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 07:41 - 2018-06-08 08:09 - 000791968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-06-13 07:41 - 2018-06-08 08:08 - 003979696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2018-06-13 07:41 - 2018-06-08 08:08 - 001990672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-06-13 07:41 - 2018-06-08 08:07 - 002386320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-06-13 07:41 - 2018-06-08 08:07 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-06-13 07:41 - 2018-06-08 08:06 - 006015208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-06-13 07:41 - 2018-06-08 08:06 - 004668688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 07:41 - 2018-06-08 08:06 - 000551696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 07:41 - 2018-06-08 08:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 07:41 - 2018-06-08 08:02 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-06-13 07:41 - 2018-06-08 08:02 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 07:41 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2018-06-13 07:41 - 2018-06-08 08:02 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 07:41 - 2018-06-08 08:01 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 07:41 - 2018-06-08 08:01 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 07:41 - 2018-06-08 08:00 - 012833792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 07:41 - 2018-06-08 08:00 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 07:41 - 2018-06-08 07:59 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 07:41 - 2018-06-08 07:58 - 004723712 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 07:41 - 2018-06-08 07:58 - 002083840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 07:41 - 2018-06-08 07:57 - 001812992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 07:41 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2018-06-13 07:41 - 2018-06-08 07:57 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 07:41 - 2018-06-08 07:46 - 002393600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-06-13 07:41 - 2018-06-08 07:46 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-06-13 07:41 - 2018-06-08 07:43 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 07:41 - 2018-06-08 07:42 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 07:41 - 2018-06-08 07:41 - 013704704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 07:41 - 2018-06-08 07:41 - 011924992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 07:41 - 2018-06-08 07:41 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-06-13 07:41 - 2018-06-08 07:40 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 07:41 - 2018-06-08 07:40 - 000293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2018-06-13 07:41 - 2018-06-08 07:39 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 07:41 - 2018-06-08 07:38 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 07:41 - 2018-06-08 07:38 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 07:41 - 2018-06-08 07:38 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 07:41 - 2018-06-08 07:36 - 003662848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 07:41 - 2018-06-08 07:35 - 002868736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 07:41 - 2018-06-08 07:35 - 002014720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 07:41 - 2018-06-08 07:35 - 001565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 07:41 - 2018-06-08 07:35 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 07:41 - 2018-05-12 01:15 - 000128408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-06-13 07:41 - 2018-05-12 01:14 - 000373656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-06-13 07:41 - 2018-05-12 01:14 - 000082840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-06-13 07:41 - 2018-05-12 01:10 - 000749976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-06-13 07:41 - 2018-05-12 01:10 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-06-13 07:41 - 2018-05-12 01:09 - 000149400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-06-13 07:41 - 2018-05-12 01:09 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-06-13 07:41 - 2018-05-12 01:08 - 000428440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-06-13 07:41 - 2018-05-12 01:07 - 002711168 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-06-13 07:41 - 2018-05-12 01:07 - 002268024 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2018-06-13 07:41 - 2018-05-12 01:07 - 001506200 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-06-13 07:41 - 2018-05-11 23:53 - 002462704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-06-13 07:41 - 2018-05-11 23:53 - 001456104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2018-06-13 07:41 - 2018-05-11 23:53 - 001017048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 07:41 - 2018-05-11 23:52 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2018-06-13 07:41 - 2018-05-11 23:48 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-13 07:41 - 2018-05-11 23:48 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-06-13 07:41 - 2018-05-11 23:47 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 07:41 - 2018-05-11 23:46 - 000595456 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 07:41 - 2018-05-11 23:45 - 000816128 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-06-13 07:41 - 2018-05-11 23:42 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-06-13 07:41 - 2018-05-11 23:29 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 07:41 - 2018-05-11 23:29 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadauthhelper.dll
2018-06-13 07:41 - 2018-05-11 23:19 - 001353216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-06-13 07:40 - 2018-06-08 19:26 - 021754880 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-06-13 07:40 - 2018-06-08 19:26 - 017084928 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-06-13 07:40 - 2018-06-08 19:03 - 003331520 _____ C:\Windows\system32\Windows.Mirage.dll
2018-06-13 07:40 - 2018-06-08 18:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-06-13 07:40 - 2018-06-08 18:58 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2018-06-13 07:40 - 2018-06-08 13:42 - 002491120 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2018-06-13 07:40 - 2018-06-08 13:41 - 000618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 07:40 - 2018-06-08 09:33 - 000269720 _____ C:\Windows\system32\FaceProcessorCore.dll
2018-06-13 07:40 - 2018-06-08 09:33 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2018-06-13 07:40 - 2018-06-08 09:30 - 002514944 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 07:40 - 2018-06-08 09:29 - 001849760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 07:40 - 2018-06-08 09:29 - 000937376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2018-06-13 07:40 - 2018-06-08 09:29 - 000028576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 07:40 - 2018-06-08 09:27 - 001173584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 07:40 - 2018-06-08 09:26 - 000712456 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 07:40 - 2018-06-08 09:25 - 003903784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-06-13 07:40 - 2018-06-08 09:24 - 006282280 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2018-06-13 07:40 - 2018-06-08 09:24 - 001488288 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2018-06-13 07:40 - 2018-06-08 09:24 - 001029536 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2018-06-13 07:40 - 2018-06-08 09:24 - 000967584 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2018-06-13 07:40 - 2018-06-08 09:24 - 000891808 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2018-06-13 07:40 - 2018-06-08 09:24 - 000247712 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 021357336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 004486400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 002472888 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 002412688 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 000824904 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2018-06-13 07:40 - 2018-06-08 09:23 - 000677304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 07:40 - 2018-06-08 09:23 - 000137552 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 07:40 - 2018-06-08 09:22 - 006791992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-06-13 07:40 - 2018-06-08 09:22 - 003180176 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-06-13 07:40 - 2018-06-08 09:22 - 001358496 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 07:40 - 2018-06-08 09:22 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\kernel.appcore.dll
2018-06-13 07:40 - 2018-06-08 09:21 - 007385096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 07:40 - 2018-06-08 09:21 - 004507096 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 07:40 - 2018-06-08 09:21 - 001206104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-06-13 07:40 - 2018-06-08 09:21 - 000260904 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 07:40 - 2018-06-08 09:20 - 001101216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-06-13 07:40 - 2018-06-08 08:10 - 003485400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2018-06-13 07:40 - 2018-06-08 08:10 - 001124768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-13 07:40 - 2018-06-08 08:09 - 002993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-13 07:40 - 2018-06-08 08:09 - 000832952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2018-06-13 07:40 - 2018-06-08 08:08 - 020290256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-06-13 07:40 - 2018-06-08 08:08 - 001075984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 07:40 - 2018-06-08 08:08 - 000640024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-06-13 07:40 - 2018-06-08 08:07 - 000975360 _____ C:\Windows\system32\FaceProcessor.dll
2018-06-13 07:40 - 2018-06-08 08:07 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2018-06-13 07:40 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-06-13 07:40 - 2018-06-08 08:07 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-06-13 07:40 - 2018-06-08 08:07 - 000047608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll
2018-06-13 07:40 - 2018-06-08 08:06 - 006481096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 07:40 - 2018-06-08 08:06 - 002890240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2018-06-13 07:40 - 2018-06-08 08:06 - 001131696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-06-13 07:40 - 2018-06-08 08:06 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2018-06-13 07:40 - 2018-06-08 08:06 - 000129208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 07:40 - 2018-06-08 08:05 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 07:40 - 2018-06-08 08:05 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2018-06-13 07:40 - 2018-06-08 08:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\GamePanelExternalHook.dll
2018-06-13 07:40 - 2018-06-08 08:04 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-06-13 07:40 - 2018-06-08 08:04 - 001925120 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2018-06-13 07:40 - 2018-06-08 08:04 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 07:40 - 2018-06-08 08:04 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-06-13 07:40 - 2018-06-08 08:03 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-06-13 07:40 - 2018-06-08 08:03 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-06-13 07:40 - 2018-06-08 08:02 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-06-13 07:40 - 2018-06-08 08:02 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-06-13 07:40 - 2018-06-08 08:01 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2018-06-13 07:40 - 2018-06-08 08:01 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2018-06-13 07:40 - 2018-06-08 08:01 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2018-06-13 07:40 - 2018-06-08 08:01 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2018-06-13 07:40 - 2018-06-08 08:00 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2018-06-13 07:40 - 2018-06-08 08:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2018-06-13 07:40 - 2018-06-08 07:59 - 003124224 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-13 07:40 - 2018-06-08 07:59 - 002596352 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2018-06-13 07:40 - 2018-06-08 07:59 - 001297920 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2018-06-13 07:40 - 2018-06-08 07:59 - 001116672 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-06-13 07:40 - 2018-06-08 07:59 - 001043968 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2018-06-13 07:40 - 2018-06-08 07:59 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2018-06-13 07:40 - 2018-06-08 07:58 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-06-13 07:40 - 2018-06-08 07:58 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 07:40 - 2018-06-08 07:57 - 004772352 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-06-13 07:40 - 2018-06-08 07:57 - 002086400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-06-13 07:40 - 2018-06-08 07:57 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 07:40 - 2018-06-08 07:57 - 001135104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2018-06-13 07:40 - 2018-06-08 07:56 - 002035712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-06-13 07:40 - 2018-06-08 07:56 - 000969728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-13 07:40 - 2018-06-08 07:55 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2018-06-13 07:40 - 2018-06-08 07:53 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-06-13 07:40 - 2018-06-08 07:46 - 000309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-06-13 07:40 - 2018-06-08 07:45 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2018-06-13 07:40 - 2018-06-08 07:41 - 000372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-06-13 07:40 - 2018-06-08 07:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-06-13 07:40 - 2018-06-08 07:40 - 001277440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2018-06-13 07:40 - 2018-06-08 07:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-13 07:40 - 2018-06-08 07:39 - 000963584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2018-06-13 07:40 - 2018-06-08 07:39 - 000941568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 07:40 - 2018-06-08 07:39 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2018-06-13 07:40 - 2018-06-08 07:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2018-06-13 07:40 - 2018-06-08 07:35 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-06-13 07:40 - 2018-06-08 07:35 - 004384768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-06-13 07:40 - 2018-06-08 07:35 - 000935424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2018-06-13 07:40 - 2018-06-08 07:35 - 000891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-13 07:40 - 2018-06-08 07:34 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2018-06-13 07:40 - 2018-05-12 15:57 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\HolographicRuntimes.dll
2018-06-13 07:40 - 2018-05-12 15:56 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-06-13 07:40 - 2018-05-12 15:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2018-06-13 07:40 - 2018-05-12 15:55 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2018-06-13 07:40 - 2018-05-12 15:53 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2018-06-13 07:40 - 2018-05-12 15:52 - 000421376 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2018-06-13 07:40 - 2018-05-12 15:52 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\SpatialStore.dll
2018-06-13 07:40 - 2018-05-12 01:15 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-06-13 07:40 - 2018-05-12 01:10 - 002574232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-06-13 07:40 - 2018-05-12 01:08 - 000757792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-06-13 07:40 - 2018-05-12 01:05 - 000616792 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-06-13 07:40 - 2018-05-11 23:54 - 003198464 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2018-06-13 07:40 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-06-13 07:40 - 2018-05-11 23:52 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\PayloadRestrictions.dll
2018-06-13 07:40 - 2018-05-11 23:52 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-13 07:40 - 2018-05-11 23:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\mmgaproxystub.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 002186240 _____ (Microsoft Corporation) C:\Windows\system32\mmgaclient.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\aadauthhelper.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 07:40 - 2018-05-11 23:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 07:40 - 2018-05-11 23:49 - 001685504 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2018-06-13 07:40 - 2018-05-11 23:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2018-06-13 07:40 - 2018-05-11 23:48 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2018-06-13 07:40 - 2018-05-11 23:47 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2018-06-13 07:40 - 2018-05-11 23:47 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2018-06-13 07:40 - 2018-05-11 23:47 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2018-06-13 07:40 - 2018-05-11 23:47 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2018-06-13 07:40 - 2018-05-11 23:46 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2018-06-13 07:40 - 2018-05-11 23:44 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-06-13 07:40 - 2018-05-11 23:41 - 003630080 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-06-13 07:40 - 2018-05-11 23:40 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2018-06-13 07:40 - 2018-05-11 23:39 - 001717248 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-06-13 07:40 - 2018-05-11 23:38 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-06-13 07:40 - 2018-05-11 23:33 - 002762752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2018-06-13 07:40 - 2018-05-11 23:31 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PayloadRestrictions.dll
2018-06-13 07:40 - 2018-05-11 23:31 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-13 07:40 - 2018-05-11 23:31 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaproxystub.dll
2018-06-13 07:40 - 2018-05-11 23:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-13 07:40 - 2018-05-11 23:29 - 001428480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaclient.dll
2018-06-13 07:40 - 2018-05-11 23:29 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2018-06-13 07:40 - 2018-05-11 23:29 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 07:40 - 2018-05-11 23:28 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2018-06-13 07:40 - 2018-05-11 23:28 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2018-06-13 07:40 - 2018-05-11 23:27 - 000236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2018-06-13 07:40 - 2018-05-11 23:26 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-06-13 07:40 - 2018-05-11 23:26 - 000243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2018-06-13 07:40 - 2018-05-11 23:20 - 003430400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-06-13 07:40 - 2018-05-11 23:20 - 000821248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-06 20:31 - 2017-11-07 21:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-07-06 19:46 - 2017-11-07 22:40 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2018-07-06 19:46 - 2017-11-07 22:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-06 19:46 - 2017-11-07 22:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-06 19:46 - 2017-11-07 22:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-06 19:40 - 2017-11-07 22:35 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\ClassicShell
2018-07-06 16:45 - 2018-02-10 12:06 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2018-07-06 16:44 - 2017-11-07 21:22 - 008314756 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-06 16:44 - 2017-09-30 16:31 - 004077856 _____ C:\Windows\system32\perfh005.dat
2018-07-06 16:44 - 2017-09-30 16:31 - 001179994 _____ C:\Windows\system32\perfc005.dat
2018-07-06 16:40 - 2017-11-07 21:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-06 16:39 - 2017-11-07 22:49 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-07-06 16:39 - 2017-09-29 10:45 - 000524288 _____ C:\Windows\system32\config\BBI
2018-07-06 09:13 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-07-06 06:51 - 2017-11-07 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-05 07:32 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-05 07:32 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\AppReadiness
2018-07-04 08:56 - 2017-11-07 21:25 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Packages
2018-07-03 15:24 - 2018-04-12 18:55 - 000000000 ___HD C:\$WINDOWS.~BT
2018-07-03 14:56 - 2017-11-07 21:13 - 000000000 ____D C:\Windows\Panther
2018-07-03 14:52 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\Registration
2018-07-03 14:51 - 2018-05-23 14:01 - 000099063 _____ C:\Windows\diagwrn.xml
2018-07-03 14:51 - 2018-05-23 14:01 - 000099063 _____ C:\Windows\diagerr.xml
2018-07-03 14:44 - 2017-11-07 21:24 - 000000000 ____D C:\Users\Uzivatel
2018-07-01 19:34 - 2018-02-10 12:34 - 000000000 ____D C:\Windows\cs
2018-07-01 19:34 - 2017-11-09 13:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rajče
2018-07-01 19:34 - 2017-11-07 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-07-01 19:34 - 2017-11-07 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-07-01 19:34 - 2017-11-07 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2018-07-01 19:34 - 2017-11-07 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-07-01 19:34 - 2017-11-07 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2018-07-01 19:34 - 2017-11-07 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-07-01 19:34 - 2017-11-07 22:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\spool
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-01 19:34 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-01 19:34 - 2017-09-29 15:44 - 000000000 ____D C:\Windows\INF
2018-06-30 17:49 - 2017-09-29 10:45 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-06-30 15:22 - 2017-11-07 22:56 - 000000000 ____D C:\Users\Uzivatel\Documents\Vašek
2018-06-26 21:27 - 2017-11-07 22:41 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2018-06-25 11:34 - 2017-12-18 17:38 - 000000000 ____D C:\Windows\Minidump
2018-06-25 10:33 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\rescache
2018-06-24 08:47 - 2017-11-07 21:14 - 000418624 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-23 15:17 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\ShellExperiences
2018-06-23 14:12 - 2017-09-29 15:37 - 000000000 ____D C:\Windows\CbsTemp
2018-06-22 15:06 - 2017-11-10 15:37 - 000001510 _____ C:\Users\Uzivatel\Desktop\listopad – zástupce.lnk
2018-06-13 11:44 - 2017-11-07 21:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 11:44 - 2017-11-07 21:25 - 000000000 ___RD C:\Users\Uzivatel\3D Objects
2018-06-13 11:40 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-06-13 11:40 - 2017-09-29 15:46 - 000000000 ___SD C:\Windows\system32\F12
2018-06-13 11:40 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\TextInput
2018-06-13 11:40 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-06-13 11:40 - 2017-09-29 15:46 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-06-13 11:40 - 2017-09-29 10:45 - 000000000 ____D C:\Windows\system32\Dism
2018-06-13 07:52 - 2017-11-07 22:42 - 000000000 ____D C:\Windows\system32\MRT
2018-06-13 07:50 - 2017-11-07 22:42 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-13 07:50 - 2017-11-07 22:42 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-07 19:16 - 2018-03-14 13:21 - 000004660 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-06 01:24 - 2018-05-09 19:16 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:24 - 2018-05-09 19:16 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
2017-11-07 23:03 - 2012-12-10 01:29 - 000559200 ____R (Microsoft Corporation) C:\Users\Uzivatel\AppData\Local\Temp\OfficeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-04 14:36

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in e-mail

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\MountPoints2: {2cf00a72-c3fd-11e7-872c-448a5b2d2007} - "G:\setup.EXE" /AUTORUN
HKU\S-1-5-21-1506879025-1754585261-3082722204-1001\...\MountPoints2: {d1f083b4-c3ef-11e7-872a-806e6f6e6963} - "E:\setup.exe"
C:\Users\Uzivatel\AppData\Local\Temp
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
Task: {17C662C0-29F3-4563-AAB3-7D9E10AC6A1D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
Task: {68BDACAC-1724-4B56-86EC-571C09F6D5C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)

EmptyTemp:
End
Save it to C:\Users\Uzivatel\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in e-mail

#11 Post by Paphio »

Thanks, but I don't speak English. Is it perhaps C Users Uživatel Stažené soubory?

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in e-mail

#12 Post by Rudy »

Yes, that's the one.

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in e-mail

#13 Post by Paphio »

I was with my sick daughter; I won't be at the PC until tomorrow, thank you for your patience. I did something wrong:
No fixlist.txt found.
No fixlist.txt should be in the same folder/directory the tool is lokated.

Thank you once again.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: viruses in e-mail

#14 Post by Rudy »

The fixlist must be in the same directory as FRST, and there must be no typo in its name. The file must be named fixlist.txt.

Paphio
Visitor
Posts: 25
Joined: 05 Sep 2010 13:20

Re: viruses in e-mail

#15 Post by Paphio »

Good morning, instead of a log it prompted me to restart, which I did. What now? Thanks.
