VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Avast hrozí a v FF vyskakují nová okna

https://forum.viry.cz:443/viewtopic.php?t=152943

Stránka 1 z 2

Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 14:19
od datel32
Zdravím,
Avast na mě hází tyto výstrahy a sem tam se mi otevře ve Firefox nové okno. Prosím o pomoc.

Obrázek

Log z ComboFix:

ComboFix 17-09-14.01 - Jezevec 30.09.2017 13:22:33.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4041.940 [GMT 2:00]
Spuštěný z: c:\users\Jezevec\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_ctypes.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_elementtree.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_hashlib.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_multiprocessing.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_psutil_windows.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_socket.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_ssl.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\_yappi.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\common.time34.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\hashobjs_ext.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\PIL._imaging.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\pyexpat.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\pysqlite2._sqlite.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\python27.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\pythoncom27.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\pywintypes27.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\select.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\thumbnails_ext.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\unicodedata.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\usb_ext.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32api.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32com.shell.shell.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32crypt.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32event.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32file.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32gui.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32inet.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32pdh.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32pipe.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32process.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32profile.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32security.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\win32ts.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\windows._lib_cacheinvalidation.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\windows.device_monitor.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\windows.volumes.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\windows.winwrap.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._controls_.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._core_.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._gdi_.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._html2.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._misc_.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wx._windows_.pyd
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxbase30u_net_vc90.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxbase30u_vc90.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxmsw30u_adv_vc90.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxmsw30u_core_vc90.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxmsw30u_html_vc90.dll
c:\users\Jezevec\AppData\Local\Temp\_MEI23642\wxmsw30u_webview_vc90.dll
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-08-28 do 2017-09-30 )))))))))))))))))))))))))))))))
.
.
2017-09-30 12:12 . 2017-09-30 12:12 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-30 12:11 . 2017-09-30 12:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-09-27 16:21 . 2017-09-27 16:21 -------- d--h--w- C:\OneDriveTemp
2017-09-23 15:44 . 2017-09-24 15:44 -------- d-----w- c:\windows\AutoKMS
2017-09-23 15:43 . 2017-09-23 15:43 -------- d-----w- c:\programdata\Microsoft Toolkit
2017-09-23 14:14 . 2017-09-23 14:14 -------- d-----w- C:\$AV_ASW
2017-09-23 14:12 . 2017-09-23 14:12 -------- d-----w- c:\programdata\ecba57a0-35f5-1
2017-09-23 14:12 . 2017-09-23 14:12 -------- d-----w- c:\programdata\ecba57a0-2713-0
2017-09-23 14:10 . 2017-09-23 14:10 12431360 ----a-w- c:\programdata\Microsoft\Windows NT\MSFax\ActivityLog\CalendarExt.dll
2017-09-23 14:10 . 2017-09-23 14:10 -------- d-----w- c:\program files (x86)\360
2017-09-23 14:09 . 2017-09-30 05:38 -------- d-----w- c:\programdata\LCFApp
2017-09-23 14:09 . 2017-09-23 14:09 -------- d-----w- c:\users\Public\Thunder Network
2017-09-23 14:09 . 2017-09-23 14:09 -------- d-----w- c:\programdata\Thunder Network
2017-09-20 16:48 . 2017-09-20 16:48 49992 ----a-w- c:\windows\system32\DbxSvc.exe
2017-09-20 16:48 . 2017-09-20 16:48 45672 ----a-w- c:\windows\system32\drivers\dbx-dev.sys
2017-09-20 16:48 . 2017-09-20 16:48 45640 ----a-w- c:\windows\system32\drivers\dbx-stable.sys
2017-09-20 16:48 . 2017-09-20 16:48 45640 ----a-w- c:\windows\system32\drivers\dbx-canary.sys
2017-09-12 21:49 . 2017-08-16 01:10 293072 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2017-09-07 09:56 . 2017-09-07 09:56 3199232 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Mso30win32client.dll
2017-09-07 09:45 . 2017-09-07 09:45 4766976 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE16\Mso30win32client.dll
2017-08-31 16:49 . 2017-08-31 16:49 401488 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-09-25 16:49 . 2016-06-21 08:21 361784 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2017-09-18 16:49 . 2016-06-21 08:21 199312 ----a-w- c:\windows\system32\drivers\aswstm.sys
2017-09-13 01:07 . 2014-09-02 14:40 138202976 -c--a-w- c:\windows\system32\MRT.exe
2017-09-12 17:38 . 2016-06-21 08:29 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-09-12 17:38 . 2016-06-21 08:29 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-08-31 16:49 . 2016-06-21 08:21 84416 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-08-31 16:49 . 2016-06-21 08:21 590880 ----a-w- c:\windows\system32\drivers\aswSP.sys
2017-08-31 16:49 . 2016-06-21 08:21 47016 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-08-31 16:49 . 2016-06-21 08:21 147784 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-08-31 16:49 . 2016-06-21 08:21 110376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-08-31 16:49 . 2016-06-21 08:21 1016384 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-08-31 16:49 . 2017-03-01 14:07 57736 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-08-31 16:49 . 2017-03-01 14:07 343296 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-08-31 16:49 . 2017-03-01 14:07 320528 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-08-31 16:49 . 2017-03-01 14:07 198976 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-08-11 06:35 . 2017-09-12 21:49 345600 ----a-w- c:\windows\system32\schannel.dll
2017-08-11 06:35 . 2017-09-12 21:49 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-08-11 06:19 . 2017-09-12 21:49 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-08-11 06:19 . 2017-09-12 21:49 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-08-11 06:19 . 2017-09-12 21:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-07-29 14:56 . 2017-08-09 13:06 117248 ----a-w- c:\windows\system32\drivers\tdx.sys
2017-07-26 10:10 . 2017-07-13 14:41 292 ----a-w- c:\users\Jezevec\advanced_ip_scanner_MAC.bin
2017-07-26 10:10 . 2017-07-13 14:41 15 ----a-w- c:\users\Jezevec\advanced_ip_scanner_Comments.bin
2017-07-26 10:10 . 2017-07-13 14:41 15 ----a-w- c:\users\Jezevec\advanced_ip_scanner_Aliases.bin
2017-07-23 08:57 . 2016-06-21 17:25 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2017-07-21 14:26 . 2017-08-09 13:06 282624 ----a-w- c:\windows\SysWow64\mstext40.dll
2017-07-21 14:26 . 2017-08-09 13:06 518144 ----a-w- c:\windows\SysWow64\msjetoledb40.dll
2017-07-21 14:26 . 2017-08-09 13:06 290816 ----a-w- c:\windows\SysWow64\msjtes40.dll
2017-07-21 14:26 . 2017-08-09 13:06 409600 ----a-w- c:\windows\SysWow64\msexch40.dll
2017-07-14 15:29 . 2017-08-09 13:06 486400 ----a-w- c:\windows\system32\wer.dll
2017-07-14 15:29 . 2017-08-09 13:06 34304 ----a-w- c:\windows\system32\werdiagcontroller.dll
2017-07-14 15:29 . 2017-08-09 13:06 2319872 ----a-w- c:\windows\system32\tquery.dll
2017-07-14 15:29 . 2017-08-09 13:06 2058240 ----a-w- c:\windows\system32\Query.dll
2017-07-14 15:29 . 2017-08-09 13:06 778240 ----a-w- c:\windows\system32\mssvp.dll
2017-07-14 15:29 . 2017-08-09 13:06 491520 ----a-w- c:\windows\system32\mssph.dll
2017-07-14 15:29 . 2017-08-09 13:06 2222080 ----a-w- c:\windows\system32\mssrch.dll
2017-07-14 15:29 . 2017-08-09 13:06 99840 ----a-w- c:\windows\system32\mssprxy.dll
2017-07-14 15:29 . 2017-08-09 13:06 75264 ----a-w- c:\windows\system32\msscntrs.dll
2017-07-14 15:29 . 2017-08-09 13:06 288256 ----a-w- c:\windows\system32\mssphtb.dll
2017-07-14 15:29 . 2017-08-09 13:06 14336 ----a-w- c:\windows\system32\msshooks.dll
2017-07-14 15:29 . 2017-08-09 13:06 115200 ----a-w- c:\windows\system32\mssitlb.dll
2017-07-14 15:12 . 2017-08-09 13:06 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2017-07-14 15:12 . 2017-08-09 13:06 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2017-07-14 15:11 . 2017-08-09 13:06 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2017-07-14 15:10 . 2017-08-09 13:06 382976 ----a-w- c:\windows\SysWow64\wer.dll
2017-07-14 15:10 . 2017-08-09 13:06 1549824 ----a-w- c:\windows\SysWow64\tquery.dll
2017-07-14 15:10 . 2017-08-09 13:06 1363968 ----a-w- c:\windows\SysWow64\Query.dll
2017-07-14 15:10 . 2017-08-09 13:06 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2017-07-14 15:10 . 2017-08-09 13:06 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2017-07-14 15:10 . 2017-08-09 13:06 34816 ----a-w- c:\windows\SysWow64\mssprxy.dll
2017-07-14 15:10 . 2017-08-09 13:06 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2017-07-14 15:10 . 2017-08-09 13:06 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2017-07-14 15:10 . 2017-08-09 13:06 1400320 ----a-w- c:\windows\SysWow64\mssrch.dll
2017-07-14 15:10 . 2017-08-09 13:06 104448 ----a-w- c:\windows\SysWow64\mssitlb.dll
2017-07-14 15:00 . 2017-08-09 13:06 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2017-07-14 15:00 . 2017-08-09 13:06 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2017-07-14 14:59 . 2017-08-09 13:06 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2017-07-14 14:59 . 2017-08-09 13:06 9728 ----a-w- c:\windows\SysWow64\msshooks.dll
2017-07-14 14:57 . 2017-08-09 13:06 50688 ----a-w- c:\windows\system32\wermgr.exe
2017-07-14 14:50 . 2017-08-09 13:06 54272 ----a-w- c:\windows\SysWow64\wermgr.exe
2017-07-14 14:50 . 2017-08-09 13:06 28672 ----a-w- c:\windows\SysWow64\werdiagcontroller.dll
2017-07-08 15:34 . 2017-08-09 13:06 370920 ----a-w- c:\windows\system32\clfs.sys
2017-07-07 15:33 . 2017-08-09 13:06 363752 ----a-w- c:\windows\system32\drivers\volmgrx.sys
2017-07-07 15:29 . 2017-08-09 13:06 149504 ----a-w- c:\windows\system32\t2embed.dll
2017-07-07 15:11 . 2017-08-09 13:06 109568 ----a-w- c:\windows\SysWow64\t2embed.dll
2017-07-04 08:46 . 2017-07-04 08:46 124288 ----a-w- c:\windows\system32\drivers\wfcre.sys
2017-06-24 14:19 . 2017-06-24 14:19 19110936 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
2015-03-26 11:48 . 2015-03-26 11:48 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 285000 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-09-21 14:48 2602704 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-09-21 14:48 2602704 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-09-21 14:48 2602704 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-09-21 14:48 2602704 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-09-21 14:48 2602704 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-07-11 05:04 1524016 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-07-11 05:04 1524016 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-07-11 05:04 1524016 ----a-w- c:\progra~2\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-06-23 09:32 569856 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-06-23 09:32 569856 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-06-23 09:32 569856 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.szndesktop"="c:\users\Jezevec\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2017-08-31 40257336]
"OneDrive"="c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\OneDrive.exe" [2017-09-21 1686736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"="c:\program files (x86)\Dropbox\Client\Dropbox.exe" [2017-09-20 3481912]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-07-12 587288]
.
c:\users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MEGAsync.lnk - c:\users\Jezevec\AppData\Local\MEGAsync\MEGAsync.exe [2016-6-3 5415936]
Poslat do aplikace OneNote.lnk - c:\program files\Microsoft Office\Office16\ONENOTEM.EXE /tsr [2015-7-31 171696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 MpKsiUXMRBT;guarder701;c:\windows\System32\MpKslmitORu.sys;c:\windows\SYSNATIVE\MpKslmitORu.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dbupdate;Dropbox Update Service (dbupdate);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe;c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [x]
R3 dbx;dbx;c:\windows\system32\DRIVERS\dbx.sys;c:\windows\SYSNATIVE\DRIVERS\dbx.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MpKslFakeKy;MpKslFakeKy; [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SI3112r;SiI-3512 SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys;c:\windows\SYSNATIVE\DRIVERS\SI3112r.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 wfcre;wfcre;c:\windows\system32\drivers\wfcre.sys;c:\windows\SYSNATIVE\drivers\wfcre.sys [x]
S2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DbxSvc;DbxSvc;c:\windows\system32\DbxSvc.exe;c:\windows\SYSNATIVE\DbxSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - VqJXCIdY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
Obsah adresáře 'Naplánované úlohy'
.
2017-09-30 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-22 06:16]
.
2017-09-30 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-22 06:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt01]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt02]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt03Ex]
@="{1FAAF9CB-1375-5A19-6847-664E9D5B32EE}"
[HKEY_CLASSES_ROOT\CLSID\{1FAAF9CB-1375-5A19-6847-664E9D5B32EE}]
2017-09-23 14:10 12431360 ----a-w- c:\programdata\Microsoft\Windows NT\MSFax\ActivityLog\CalendarExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt04]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt05]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt06]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt07]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt08]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt09]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2017-09-20 16:36 333128 ----a-w- c:\program files (x86)\Dropbox\Client\DropboxExt64.18.0.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-09-21 14:48 2863824 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-09-21 14:48 2863824 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-09-21 14:48 2863824 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-09-21 14:48 2863824 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-09-21 14:48 2863824 ----a-w- c:\users\Jezevec\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2017-08-31 15:18 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2017-08-31 15:18 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2017-08-31 15:18 775064 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-07-11 05:03 2179376 ----a-w- c:\progra~1\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-07-11 05:03 2179376 ----a-w- c:\progra~1\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-07-11 05:03 2179376 ----a-w- c:\progra~1\MICROS~1\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtPending]
@="{056D528D-CE28-4194-9BA3-BA2E9197FF8C}"
[HKEY_CLASSES_ROOT\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}]
2017-06-23 09:32 598528 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSynced]
@="{05B38830-F4E9-4329-978B-1DD28605D202}"
[HKEY_CLASSES_ROOT\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}]
2017-06-23 09:32 598528 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\###MegaShellExtSyncing]
@="{0596C850-7BDD-4C9D-AFDF-873BE6890637}"
[HKEY_CLASSES_ROOT\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}]
2017-06-23 09:32 598528 ----a-w- c:\users\Jezevec\AppData\Local\MEGAsync\ShellExtX64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-08-31 16:49 1770920 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-08-31 16:49 1770920 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-08-31 239856]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office16\EXCEL.EXE/3000
IE: Poslat do On&eNotu - c:\progra~1\MICROS~1\Office16\ONBttnIE.dll/105
IE: SmarThru4 Capture Selection - c:\program files (x86)\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files (x86)\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files (x86)\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files (x86)\SmarThru 4\WebCapture.dll
TCP: DhcpNameServer = 192.168.16.1 0.0.0.0
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - c:\program files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VqJXCIdY]
"ImagePath"="system32\drivers\VqJXCIdY.sys"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c4,2b,c5,ec,cc,0d,ce,48,bb,c1,a2,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c4,2b,c5,ec,cc,0d,ce,48,bb,c1,a2,\
.
[HKEY_USERS\S-1-5-21-3508648510-883788364-2179421100-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{81FA2D9F-3A26-7CE7-1164-E720A7481261}*]
"jafggkipocnakjfkgehf"=hex:62,61,68,69,00,00
"jafggkipocnakjfkgelf"=hex:62,61,68,69,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\AVAST Software\Avast\AvastUI.exe
c:\users\Jezevec\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
.
**************************************************************************
.
Celkový čas: 2017-09-30 14:15:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-09-30 12:15
.
Před spuštěním: Volných bajtů: 45 065 383 936
Po spuštění: Volných bajtů: 45 515 022 336
.
- - End Of File - - 4019789EA7767F83AD8ABE08B0D61D07
A36C5E4F47E84449FF07ED3517B43A31

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 18:00
od Rudy
Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze profesionálům? Hodláte si nabořit systém. Kéž byste tak četl naše pravidla: https://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 3). Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 18:12
od datel32
Naposled jsem tu byl před několika lety... To se ještě Combofix používal. Zítra to napravím.

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 18:21
od datel32
Tak tu je Log FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-09-2017
Ran by Jezevec (administrator) on JEZEVEC-W7 (30-09-2017 19:19:09)
Running from C:\Users\Jezevec\Desktop
Loaded Profiles: Jezevec (Available Profiles: Jezevec)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Jezevec\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Mega Limited) C:\Users\Jezevec\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Ventis Media Inc.) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\MSOSYNC.EXE
(forum.viry.cz) C:\Users\Jezevec\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-08-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jezevec\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40257336 2017-08-31] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-06-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Jezevec\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-09-30]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.16.1 0.0.0.0
Tcpip\..\Interfaces\{09221525-C06D-4C9A-BA4F-B5889AA562E5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5B943F62-5527-4C6E-8F52-F423F777E41C}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{B222407B-6219-44CF-A509-7FA4BF78F8F9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{D50C7548-82CC-4993-89A3-A78E197D7B92}: [DhcpNameServer] 192.168.16.1 0.0.0.0

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zn0d1o7w.default
FF ProfilePath: C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default [2017-09-30]
FF NewTab: Mozilla\Firefox\Profiles\zn0d1o7w.default -> chrome://quick_start/content/index.html
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\zn0d1o7w.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\zn0d1o7w.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\zn0d1o7w.default -> hxxps://www.seznam.cz/
FF Extension: (Dolphin Connect) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2016-06-21]
FF Extension: (Google Translator for Firefox) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\translator@zoli.bod.xpi [2017-03-02]
FF Extension: (FEBE) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-13]
FF Extension: (Video DownloadHelper) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-11]
FF Extension: (Activity Stream) - C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2017-09-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-06-23] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-30] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3508648510-883788364-2179421100-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jezevec\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3508648510-883788364-2179421100-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jezevec\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-12-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default [2017-09-27]
CHR Extension: (Prezentace Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-22]
CHR Extension: (Dokumenty Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-22]
CHR Extension: (Disk Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-22]
CHR Extension: (YouTube) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-22]
CHR Extension: (Image Downloader) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-05-07]
CHR Extension: (Tabulky Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKU\S-1-5-21-3508648510-883788364-2179421100-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-08-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-08-31] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-22] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-20] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-25] (AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [47104 2006-08-16] (Samsung Electronics) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-02] (Disc Soft Ltd)
S3 MpKslFakeKy; no ImagePath
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
R0 SI3112r; C:\Windows\System32\DRIVERS\SI3112r.sys [133160 2007-12-26] (Silicon Image, Inc)
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
R0 Si3132r5; C:\Windows\System32\DRIVERS\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-12-26] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R1 wfcre; C:\Windows\System32\drivers\wfcre.sys [124288 2017-07-04] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S0 MpKsiUXMRBT; System32\MpKslmitORu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-30 19:19 - 2017-09-30 19:19 - 000021250 _____ C:\Users\Jezevec\Desktop\FRST.txt
2017-09-30 19:18 - 2017-09-30 19:19 - 000000000 ____D C:\FRST
2017-09-30 19:17 - 2017-09-30 19:17 - 000112640 _____ (forum.viry.cz) C:\Users\Jezevec\Desktop\FRSTLauncher.exe
2017-09-30 19:15 - 2017-09-30 19:15 - 002399744 _____ (Farbar) C:\Users\Jezevec\Desktop\FRST64.exe
2017-09-30 15:26 - 2017-09-30 15:26 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-30 15:26 - 2017-09-30 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-30 15:05 - 2017-09-30 15:05 - 000000000 ___HD C:\OneDriveTemp
2017-09-30 14:15 - 2017-09-30 14:15 - 000041586 _____ C:\ComboFix.txt
2017-09-30 13:21 - 2017-09-30 14:15 - 000000000 ____D C:\Qoobox
2017-09-30 13:21 - 2017-09-30 14:15 - 000000000 ____D C:\ComboFix
2017-09-30 13:21 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2017-09-30 13:21 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2017-09-30 13:21 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2017-09-30 13:20 - 2017-09-30 14:12 - 000000000 ____D C:\Windows\erdnt
2017-09-30 13:14 - 2017-09-30 13:14 - 005660248 ____R (Swearware) C:\Users\Jezevec\Desktop\ComboFix.exe
2017-09-25 16:58 - 2017-09-25 16:58 - 001969808 _____ C:\Users\Jezevec\Desktop\AYR001_AYD-20_OM_CZ.pdf
2017-09-25 15:42 - 2017-09-25 15:42 - 000000211 _____ C:\Users\Jezevec\Desktop\Go-Myanmar.com.URL
2017-09-23 17:44 - 2017-09-30 15:03 - 000003604 _____ C:\Windows\System32\Tasks\AutoKMS
2017-09-23 17:44 - 2017-09-24 17:44 - 000000000 ____D C:\Windows\AutoKMS
2017-09-23 17:43 - 2017-09-23 17:43 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2017-09-23 16:14 - 2017-09-23 16:14 - 000000000 ____D C:\$AV_ASW
2017-09-23 16:12 - 2017-09-23 16:12 - 000000000 ____D C:\ProgramData\ecba57a0-35f5-1
2017-09-23 16:12 - 2017-09-23 16:12 - 000000000 ____D C:\ProgramData\ecba57a0-2713-0
2017-09-23 16:10 - 2017-09-23 16:10 - 000000000 ____D C:\Program Files (x86)\360
2017-09-23 16:09 - 2017-09-30 15:33 - 000000000 ____D C:\ProgramData\LCFApp
2017-09-23 16:09 - 2017-09-23 16:09 - 000140800 _____ C:\Users\Jezevec\AppData\Local\installer.dat
2017-09-23 16:09 - 2017-09-23 16:09 - 000011568 _____ C:\Users\Jezevec\AppData\Local\InstallationConfiguration.xml
2017-09-23 16:09 - 2017-09-23 16:09 - 000000000 ____D C:\Users\Public\Thunder Network
2017-09-23 16:09 - 2017-09-23 16:09 - 000000000 ____D C:\Users\Public\Documents\XMUpdate
2017-09-23 16:09 - 2017-09-23 16:09 - 000000000 ____D C:\ProgramData\Thunder Network
2017-09-23 16:08 - 2017-09-23 16:08 - 000003550 _____ C:\Windows\System32\Tasks\PPI Update
2017-09-22 15:33 - 2017-09-22 15:45 - 000000000 ____D C:\Users\Jezevec\Desktop\Nová složka
2017-09-22 01:38 - 2017-09-22 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-20 18:48 - 2017-09-20 18:48 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-20 18:48 - 2017-09-20 18:48 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 23:27 - 2017-09-14 23:27 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive for PC is now Backup and Sync from Google.lnk
2017-09-14 23:27 - 2017-09-14 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-09-12 23:50 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-12 23:50 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-12 23:50 - 2017-08-16 16:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-12 23:50 - 2017-08-16 03:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-12 23:50 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-12 23:50 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-12 23:50 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-12 23:50 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-12 23:50 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-12 23:50 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-12 23:50 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-12 23:50 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-12 23:50 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-12 23:50 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-12 23:50 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-12 23:50 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-12 23:50 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-12 23:50 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-12 23:50 - 2017-08-13 18:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-12 23:50 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-12 23:50 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-12 23:50 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-12 23:50 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-12 23:50 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-12 23:50 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-12 23:50 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-12 23:50 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-12 23:50 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-12 23:50 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-12 23:50 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-12 23:50 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-12 23:50 - 2017-08-11 08:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-12 23:50 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-12 23:50 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-12 23:50 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-12 23:50 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-12 23:50 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-12 23:50 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-12 23:50 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-12 23:50 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-12 23:50 - 2017-08-11 07:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-12 23:50 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-12 23:50 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-12 23:49 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-12 23:49 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-12 23:49 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-12 23:49 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-12 23:49 - 2017-08-13 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-12 23:49 - 2017-08-13 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-12 23:49 - 2017-08-13 19:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-12 23:49 - 2017-08-13 19:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-12 23:49 - 2017-08-13 18:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-12 23:49 - 2017-08-13 18:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-12 23:49 - 2017-08-13 18:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-12 23:49 - 2017-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-12 23:49 - 2017-08-13 18:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-12 23:49 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-12 23:49 - 2017-08-13 18:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-12 23:49 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-12 23:49 - 2017-08-13 18:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-12 23:49 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-12 23:49 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-12 23:49 - 2017-08-13 18:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-12 23:49 - 2017-08-13 18:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-12 23:49 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-12 23:49 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-12 23:49 - 2017-08-13 18:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-12 23:49 - 2017-08-13 18:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-12 23:49 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-12 23:49 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-09-12 23:49 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-09-12 23:49 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-12 23:49 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-09-12 23:49 - 2017-08-13 18:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-09-12 23:49 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-12 23:49 - 2017-08-13 18:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-12 23:49 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-09-12 23:49 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-09-12 23:49 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-09-12 23:49 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-09-12 23:49 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-09-12 23:49 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-12 23:49 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-09-12 23:49 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-12 23:49 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-12 23:49 - 2017-08-11 08:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-12 23:49 - 2017-08-11 08:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-12 23:49 - 2017-08-11 08:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-12 23:49 - 2017-08-11 08:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-12 23:49 - 2017-08-11 08:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-12 23:49 - 2017-08-11 08:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-12 23:49 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-12 23:49 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-12 23:49 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-12 23:49 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-12 23:49 - 2017-08-11 08:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-12 23:49 - 2017-08-11 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-12 23:49 - 2017-08-11 08:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-12 23:49 - 2017-08-11 08:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-12 23:49 - 2017-08-11 08:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-12 23:49 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-12 23:49 - 2017-08-11 08:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-12 23:49 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-12 23:49 - 2017-08-11 08:00 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-12 23:49 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-09-12 23:49 - 2017-08-11 07:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-12 23:49 - 2017-08-11 07:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-12 23:49 - 2017-08-11 07:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-12 23:49 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-12 23:49 - 2017-08-11 07:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-09-12 23:49 - 2017-08-11 07:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-09-12 23:49 - 2017-08-11 07:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-09-12 23:49 - 2017-08-11 07:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-09-12 23:49 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-09-08 18:04 - 2017-09-09 20:37 - 000000000 ____D C:\Windows\Minidump
2017-08-31 18:49 - 2017-08-31 18:49 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-30 18:37 - 2016-06-22 08:16 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-09-30 15:45 - 2010-11-21 11:27 - 000671834 _____ C:\Windows\system32\perfh005.dat
2017-09-30 15:45 - 2010-11-21 11:27 - 000142430 _____ C:\Windows\system32\perfc005.dat
2017-09-30 15:45 - 2009-07-14 07:13 - 001591974 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-30 15:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-30 15:11 - 2009-07-14 06:45 - 000022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-30 15:11 - 2009-07-14 06:45 - 000022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-30 15:05 - 2016-11-17 11:20 - 000000000 ___RD C:\Users\Jezevec\OneDrive
2017-09-30 15:04 - 2016-10-01 10:09 - 000000000 ___RD C:\Users\Jezevec\Disk Google
2017-09-30 15:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2017-09-30 15:03 - 2016-06-22 08:16 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-09-30 15:03 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-30 15:02 - 2017-03-27 14:15 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-30 15:02 - 2014-09-02 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-30 14:58 - 2017-03-18 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-30 14:20 - 2017-03-01 16:07 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-30 14:12 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini
2017-09-30 14:11 - 2016-08-19 21:41 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-09-30 13:20 - 2016-06-21 16:49 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\MediaMonkey
2017-09-29 20:07 - 2016-06-21 19:05 - 000000000 ____D C:\Users\Jezevec\Desktop\OPF
2017-09-29 19:43 - 2016-06-21 19:50 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\BitComet
2017-09-29 18:44 - 2016-06-21 10:24 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\vlc
2017-09-29 17:03 - 2016-06-20 13:17 - 000000000 ___RD C:\Users\Public\!Canon Scan
2017-09-26 02:28 - 2016-06-22 09:56 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-26 02:28 - 2016-06-22 09:56 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 18:49 - 2016-06-21 10:21 - 000361784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-09-24 13:22 - 2016-06-22 08:19 - 000000000 ___RD C:\Users\Jezevec\Dropbox
2017-09-23 17:35 - 2017-03-02 10:29 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\DAEMON Tools Lite
2017-09-23 16:36 - 2017-05-08 12:28 - 000000000 ____D C:\Program Files (x86)\Matlafous
2017-09-22 15:49 - 2016-06-22 08:25 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\XnView
2017-09-22 01:39 - 2016-06-22 08:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-21 16:49 - 2017-07-27 16:47 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3508648510-883788364-2179421100-1001
2017-09-21 16:49 - 2016-11-17 11:20 - 000002188 _____ C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-18 18:49 - 2016-06-21 10:21 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-09-18 11:48 - 2016-09-06 16:55 - 000000000 ____D C:\Users\Jezevec\AppData\Local\CrashDumps
2017-09-13 09:23 - 2016-06-24 16:40 - 000000000 ____D C:\Users\Jezevec\AppData\Local\ElevatedDiagnostics
2017-09-13 04:04 - 2016-09-15 09:36 - 000000000 ____D C:\Windows\rescache
2017-09-13 03:27 - 2009-07-14 06:45 - 000566008 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 03:09 - 2014-09-02 16:40 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 03:07 - 2014-09-02 16:40 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-13 03:06 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2017-09-13 03:01 - 2014-09-02 17:13 - 001566688 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-09-12 19:38 - 2016-06-21 10:29 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-12 19:38 - 2016-06-21 10:29 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-12 19:38 - 2016-06-21 10:29 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-12 19:38 - 2014-09-02 15:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-12 19:38 - 2014-09-02 15:46 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-09 20:39 - 2017-03-16 18:41 - 000000000 ____D C:\Windows\pss
2017-09-08 18:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-01 14:11 - 2017-08-12 11:10 - 000053806 _____ C:\Users\Jezevec\Desktop\Beneš.rp
2017-08-31 19:20 - 2016-06-21 10:21 - 000000000 ____D C:\Program Files\Common Files\AV
2017-08-31 18:49 - 2017-03-01 16:07 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-31 18:49 - 2017-03-01 16:07 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-31 18:49 - 2017-03-01 16:07 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-31 18:49 - 2017-03-01 16:07 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-08-31 18:49 - 2016-06-21 10:21 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-31 18:42 - 2016-06-21 20:01 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\calibre
2017-08-31 12:04 - 2015-05-04 11:43 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2015-03-26 13:48 - 2015-03-26 13:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-06-24 16:19 - 2017-06-24 16:19 - 019110936 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-06-22 11:34 - 2017-06-01 13:34 - 000009125 _____ () C:\Users\Jezevec\AppData\Roaming\SmarThruOptions.xml
2016-06-24 21:05 - 2016-06-24 21:05 - 000003584 _____ () C:\Users\Jezevec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-23 16:09 - 2017-09-23 16:09 - 000011568 _____ () C:\Users\Jezevec\AppData\Local\InstallationConfiguration.xml
2017-09-23 16:09 - 2017-09-23 16:09 - 000140800 _____ () C:\Users\Jezevec\AppData\Local\installer.dat
2016-08-23 15:06 - 2016-08-23 15:06 - 000000001 _____ () C:\Users\Jezevec\AppData\Local\llftool.4.40.agreement
2017-04-13 13:11 - 2017-04-13 13:11 - 000000000 _____ () C:\Users\Jezevec\AppData\Local\{9F1DFCBA-091C-467A-ABE6-7DBDE974CB42}
2016-06-21 10:51 - 2016-06-21 10:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-30 00:54

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.68 GB) (Free:42.2 GB) NTFS
Drive d: () (Fixed) (Total:232.88 GB) (Free:8.55 GB) NTFS
Drive e: (MY BOOK) (Fixed) (Total:465.76 GB) (Free:70.44 GB) NTFS

Available physical RAM: 1741 MB
Total physical RAM: 4040.79 MB
Percentage of memory in use: 56%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4DD58A9F)
Partition 1: (Active) - (Size=117 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
Disk: 1 (Size: 465.8 GB) (Disk ID: ECC4106F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)
Disk: 2 (Size: 232.9 GB) (Disk ID: 8FF68FF6)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:656DFEFF [432]
AlternateDataStreams: C:\Users\Jezevec\Desktop\PS_SX220HS_SX230HS_CUG_CS.pdf:com.dropbox.attributes [168]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jezevec\Desktop" je 2346 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C13497E82F485FDCFD7062BB0F17487DC7B37598._service_run
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Jezevec\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Photos Backup
"C:\Users\Jezevec\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Jezevec\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jezevec^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Poslat do aplikace OneNote.lnk
C:\PROGRA~1\MICROS~1\Office16\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 18:52
od Rudy
CF se tu používá stále, ale jen na pokyn rádce a po kontrole některým běžným skenerem. O své vůli si koledujete o poškození systému. CF totiž maže některé regulérní aplikace. Teď spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 30 zář 2017 21:22
od datel32
# AdwCleaner 7.0.3.1 - Logfile created on Sat Sep 30 20:19:33 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\All Users\Documents\XMUpdate
Deleted: C:\Users\Public\Documents\XMUpdate
Deleted: C:\ProgramData\ecba57a0-2713-0
Deleted: C:\ProgramData\ecba57a0-35f5-1


***** [ Files ] *****

Deleted: C:\Users\Jezevec\appdata\local\installationconfiguration.xml
Deleted: C:\Windows\SysNative\drivers\wfcre.sys


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: PPI Update
Deleted: FastDataX Task


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted: [Key] - HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: Slunečnice - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2313 B] - [2017/9/30 20:18:4]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 15:33
od Rudy
Dejte nový log FRST.

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 16:24
od datel32
==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-30 00:54

==================== End of FRST.txt ============================

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 17:05
od Rudy
Log FRST vypadá třeba takto: https://forum.viry.cz/viewtopic.php?f=1 ... 3#p1490948 .

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 17:10
od datel32
OOPS! Sorry jako... :oops:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-10-2017
Ran by Jezevec (administrator) on JEZEVEC-W7 (01-10-2017 18:09:02)
Running from C:\Users\Jezevec\Desktop
Loaded Profiles: Jezevec (Available Profiles: Jezevec)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Users\Jezevec\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Mega Limited) C:\Users\Jezevec\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Ventis Media Inc.) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\MSOSYNC.EXE
(forum.viry.cz) C:\Users\Jezevec\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-08-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jezevec\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40257336 2017-08-31] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-06-22]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Jezevec\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2017-10-01]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.16.1 0.0.0.0
Tcpip\..\Interfaces\{09221525-C06D-4C9A-BA4F-B5889AA562E5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5B943F62-5527-4C6E-8F52-F423F777E41C}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{B222407B-6219-44CF-A509-7FA4BF78F8F9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{D50C7548-82CC-4993-89A3-A78E197D7B92}: [DhcpNameServer] 192.168.16.1 0.0.0.0

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3508648510-883788364-2179421100-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: zn0d1o7w.default
FF ProfilePath: C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default [2017-10-01]
FF NewTab: Mozilla\Firefox\Profiles\zn0d1o7w.default -> chrome://quick_start/content/index.html
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\zn0d1o7w.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\zn0d1o7w.default -> Seznam
FF Homepage: Mozilla\Firefox\Profiles\zn0d1o7w.default -> hxxps://www.seznam.cz/
FF Extension: (Dolphin Connect) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\jid1-79nQAfjhUybb3A@jetpack.xpi [2016-06-21]
FF Extension: (Google Translator for Firefox) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\translator@zoli.bod.xpi [2017-03-02]
FF Extension: (FEBE) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2016-11-13]
FF Extension: (Video DownloadHelper) - C:\Users\Jezevec\AppData\Roaming\Mozilla\Firefox\Profiles\zn0d1o7w.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-11]
FF Extension: (Activity Stream) - C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2017-09-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-06-23] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-30] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3508648510-883788364-2179421100-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jezevec\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3508648510-883788364-2179421100-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jezevec\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-12-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default [2017-10-01]
CHR Extension: (Prezentace Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-22]
CHR Extension: (Dokumenty Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-22]
CHR Extension: (Disk Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-22]
CHR Extension: (YouTube) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-22]
CHR Extension: (Image Downloader) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-05-07]
CHR Extension: (Tabulky Google) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jezevec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKU\S-1-5-21-3508648510-883788364-2179421100-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-08-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-08-31] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-22] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-09-20] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2016-03-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-18] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-25] (AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [47104 2006-08-16] (Samsung Electronics) [File not signed]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-03-02] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-03-02] (Disc Soft Ltd)
S3 MpKslFakeKy; no ImagePath
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
R0 SI3112r; C:\Windows\System32\DRIVERS\SI3112r.sys [133160 2007-12-26] (Silicon Image, Inc)
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2007-10-03] (Silicon Image, Inc)
R0 Si3132r5; C:\Windows\System32\DRIVERS\Si3132r5.sys [337960 2007-12-26] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2007-12-26] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2007-10-03] (Silicon Image, Inc)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S0 MpKsiUXMRBT; System32\MpKslmitORu.sys [X]
S1 wfcre; system32\drivers\wfcre.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-01 18:09 - 2017-10-01 18:09 - 000021220 _____ C:\Users\Jezevec\Desktop\FRST.txt
2017-10-01 18:08 - 2017-10-01 18:08 - 000112640 _____ (forum.viry.cz) C:\Users\Jezevec\Desktop\FRSTLauncher.exe
2017-10-01 18:08 - 2017-10-01 18:08 - 000029696 _____ C:\Users\Jezevec\AppData\Local\MSGBOX.EXE
2017-10-01 18:08 - 2017-10-01 18:08 - 000015327 _____ C:\Users\Jezevec\Desktop\LM.bat
2017-09-30 22:16 - 2017-10-01 17:22 - 000000000 ____D C:\AdwCleaner
2017-09-30 22:15 - 2017-10-01 17:20 - 008250832 _____ (Malwarebytes) C:\Users\Jezevec\Desktop\adwcleaner_7.0.3.1.exe
2017-09-30 19:18 - 2017-10-01 18:09 - 000000000 ____D C:\FRST
2017-09-30 19:15 - 2017-10-01 18:07 - 002399744 _____ (Farbar) C:\Users\Jezevec\Desktop\FRST64.exe
2017-09-30 15:26 - 2017-09-30 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-30 15:05 - 2017-09-30 15:05 - 000000000 ___HD C:\OneDriveTemp
2017-09-30 14:15 - 2017-09-30 14:15 - 000041586 _____ C:\ComboFix.txt
2017-09-30 13:21 - 2017-09-30 14:15 - 000000000 ____D C:\Qoobox
2017-09-30 13:21 - 2017-09-30 14:15 - 000000000 ____D C:\ComboFix
2017-09-30 13:21 - 2011-06-26 08:45 - 000256000 _____ C:\Windows\PEV.exe
2017-09-30 13:21 - 2010-11-07 19:20 - 000208896 _____ C:\Windows\MBR.exe
2017-09-30 13:21 - 2009-04-20 06:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000098816 _____ C:\Windows\sed.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000080412 _____ C:\Windows\grep.exe
2017-09-30 13:21 - 2000-08-31 02:00 - 000068096 _____ C:\Windows\zip.exe
2017-09-30 13:20 - 2017-09-30 14:12 - 000000000 ____D C:\Windows\erdnt
2017-09-30 13:14 - 2017-09-30 13:14 - 005660248 ____R (Swearware) C:\Users\Jezevec\Desktop\ComboFix.exe
2017-09-25 16:58 - 2017-09-25 16:58 - 001969808 _____ C:\Users\Jezevec\Desktop\AYR001_AYD-20_OM_CZ.pdf
2017-09-25 15:42 - 2017-09-25 15:42 - 000000211 _____ C:\Users\Jezevec\Desktop\Go-Myanmar.com.URL
2017-09-23 17:44 - 2017-09-30 22:21 - 000003606 _____ C:\Windows\System32\Tasks\AutoKMS
2017-09-23 17:44 - 2017-09-24 17:44 - 000000000 ____D C:\Windows\AutoKMS
2017-09-23 17:43 - 2017-09-23 17:43 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2017-09-23 16:14 - 2017-09-23 16:14 - 000000000 ____D C:\$AV_ASW
2017-09-23 16:10 - 2017-09-23 16:10 - 000000000 ____D C:\Program Files (x86)\360
2017-09-23 16:09 - 2017-10-01 12:21 - 000000000 ____D C:\ProgramData\LCFApp
2017-09-23 16:09 - 2017-09-23 16:09 - 000140800 _____ C:\Users\Jezevec\AppData\Local\installer.dat
2017-09-23 16:09 - 2017-09-23 16:09 - 000000000 ____D C:\Users\Public\Thunder Network
2017-09-23 16:09 - 2017-09-23 16:09 - 000000000 ____D C:\ProgramData\Thunder Network
2017-09-22 15:33 - 2017-09-22 15:45 - 000000000 ____D C:\Users\Jezevec\Desktop\Nová složka
2017-09-22 01:38 - 2017-09-22 01:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-09-20 18:48 - 2017-09-20 18:48 - 000049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-09-20 18:48 - 2017-09-20 18:48 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-09-20 18:48 - 2017-09-20 18:48 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-09-14 23:27 - 2017-09-14 23:27 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive for PC is now Backup and Sync from Google.lnk
2017-09-14 23:27 - 2017-09-14 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-09-12 23:50 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-12 23:50 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-12 23:50 - 2017-08-16 16:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-12 23:50 - 2017-08-16 03:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-12 23:50 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-12 23:50 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-12 23:50 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-12 23:50 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-12 23:50 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-12 23:50 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-12 23:50 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-12 23:50 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-12 23:50 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-12 23:50 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-12 23:50 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-12 23:50 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-12 23:50 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-12 23:50 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-12 23:50 - 2017-08-13 18:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-12 23:50 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-12 23:50 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-12 23:50 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-12 23:50 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-12 23:50 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-12 23:50 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-12 23:50 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-12 23:50 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-12 23:50 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-12 23:50 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-12 23:50 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-12 23:50 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-12 23:50 - 2017-08-11 08:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-12 23:50 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-12 23:50 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-12 23:50 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-12 23:50 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-12 23:50 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-12 23:50 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-12 23:50 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-12 23:50 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-12 23:50 - 2017-08-11 07:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-12 23:50 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-12 23:50 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-12 23:49 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-12 23:49 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-12 23:49 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-12 23:49 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-12 23:49 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-12 23:49 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-12 23:49 - 2017-08-13 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-12 23:49 - 2017-08-13 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-12 23:49 - 2017-08-13 19:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-12 23:49 - 2017-08-13 19:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-12 23:49 - 2017-08-13 19:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-12 23:49 - 2017-08-13 18:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-12 23:49 - 2017-08-13 18:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-12 23:49 - 2017-08-13 18:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-12 23:49 - 2017-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-12 23:49 - 2017-08-13 18:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-12 23:49 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-12 23:49 - 2017-08-13 18:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-12 23:49 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-12 23:49 - 2017-08-13 18:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-12 23:49 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-12 23:49 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-12 23:49 - 2017-08-13 18:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-12 23:49 - 2017-08-13 18:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-12 23:49 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-12 23:49 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-12 23:49 - 2017-08-13 18:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-12 23:49 - 2017-08-13 18:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-12 23:49 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-12 23:49 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-09-12 23:49 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-09-12 23:49 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-12 23:49 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-09-12 23:49 - 2017-08-13 18:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-09-12 23:49 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-09-12 23:49 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-12 23:49 - 2017-08-13 18:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-12 23:49 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-09-12 23:49 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-09-12 23:49 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-09-12 23:49 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-09-12 23:49 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-09-12 23:49 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-12 23:49 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-09-12 23:49 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-12 23:49 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-12 23:49 - 2017-08-11 08:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-12 23:49 - 2017-08-11 08:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-12 23:49 - 2017-08-11 08:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-12 23:49 - 2017-08-11 08:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-12 23:49 - 2017-08-11 08:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-09-12 23:49 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-12 23:49 - 2017-08-11 08:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-12 23:49 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-12 23:49 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-12 23:49 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-12 23:49 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-12 23:49 - 2017-08-11 08:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-12 23:49 - 2017-08-11 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-12 23:49 - 2017-08-11 08:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-12 23:49 - 2017-08-11 08:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-12 23:49 - 2017-08-11 08:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-12 23:49 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-12 23:49 - 2017-08-11 08:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-12 23:49 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-12 23:49 - 2017-08-11 08:00 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-12 23:49 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-09-12 23:49 - 2017-08-11 07:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-12 23:49 - 2017-08-11 07:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-12 23:49 - 2017-08-11 07:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-12 23:49 - 2017-08-11 07:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-12 23:49 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-12 23:49 - 2017-08-11 07:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-09-12 23:49 - 2017-08-11 07:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-09-12 23:49 - 2017-08-11 07:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-09-12 23:49 - 2017-08-11 07:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-09-12 23:49 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-12 23:49 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-09-08 18:04 - 2017-09-09 20:37 - 000000000 ____D C:\Windows\Minidump

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-01 17:37 - 2016-06-22 08:16 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-10-01 08:37 - 2016-06-22 08:16 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-10-01 03:41 - 2009-07-14 06:45 - 000022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-01 03:41 - 2009-07-14 06:45 - 000022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-30 22:24 - 2010-11-21 11:27 - 000671834 _____ C:\Windows\system32\perfh005.dat
2017-09-30 22:24 - 2010-11-21 11:27 - 000142430 _____ C:\Windows\system32\perfc005.dat
2017-09-30 22:24 - 2009-07-14 07:13 - 001591974 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-30 22:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-30 22:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2017-09-30 22:20 - 2017-03-27 14:15 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-30 22:20 - 2016-11-17 11:20 - 000000000 ___RD C:\Users\Jezevec\OneDrive
2017-09-30 22:20 - 2016-10-01 10:09 - 000000000 ___RD C:\Users\Jezevec\Disk Google
2017-09-30 22:20 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-30 22:19 - 2016-08-19 21:41 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-09-30 22:15 - 2016-06-21 16:49 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\MediaMonkey
2017-09-30 15:02 - 2014-09-02 15:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-30 14:58 - 2017-03-18 10:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-30 14:20 - 2017-03-01 16:07 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-30 14:12 - 2009-07-14 04:34 - 000000215 _____ C:\Windows\system.ini
2017-09-29 20:07 - 2016-06-21 19:05 - 000000000 ____D C:\Users\Jezevec\Desktop\OPF
2017-09-29 19:43 - 2016-06-21 19:50 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\BitComet
2017-09-29 18:44 - 2016-06-21 10:24 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\vlc
2017-09-29 17:03 - 2016-06-20 13:17 - 000000000 ___RD C:\Users\Public\!Canon Scan
2017-09-26 02:28 - 2016-06-22 09:56 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-26 02:28 - 2016-06-22 09:56 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 18:49 - 2016-06-21 10:21 - 000361784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-09-24 13:22 - 2016-06-22 08:19 - 000000000 ___RD C:\Users\Jezevec\Dropbox
2017-09-23 17:35 - 2017-03-02 10:29 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\DAEMON Tools Lite
2017-09-23 16:36 - 2017-05-08 12:28 - 000000000 ____D C:\Program Files (x86)\Matlafous
2017-09-22 15:49 - 2016-06-22 08:25 - 000000000 ____D C:\Users\Jezevec\AppData\Roaming\XnView
2017-09-22 01:39 - 2016-06-22 08:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-21 16:49 - 2017-07-27 16:47 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3508648510-883788364-2179421100-1001
2017-09-21 16:49 - 2016-11-17 11:20 - 000002188 _____ C:\Users\Jezevec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-09-18 18:49 - 2016-06-21 10:21 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-09-18 11:48 - 2016-09-06 16:55 - 000000000 ____D C:\Users\Jezevec\AppData\Local\CrashDumps
2017-09-13 09:23 - 2016-06-24 16:40 - 000000000 ____D C:\Users\Jezevec\AppData\Local\ElevatedDiagnostics
2017-09-13 04:04 - 2016-09-15 09:36 - 000000000 ____D C:\Windows\rescache
2017-09-13 03:27 - 2009-07-14 06:45 - 000566008 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 03:09 - 2014-09-02 16:40 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 03:07 - 2014-09-02 16:40 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-13 03:06 - 2009-07-14 04:34 - 000000478 _____ C:\Windows\win.ini
2017-09-13 03:01 - 2014-09-02 17:13 - 001566688 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-09-12 19:38 - 2016-06-21 10:29 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-12 19:38 - 2016-06-21 10:29 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-12 19:38 - 2016-06-21 10:29 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-12 19:38 - 2014-09-02 15:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-12 19:38 - 2014-09-02 15:46 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-09 20:39 - 2017-03-16 18:41 - 000000000 ____D C:\Windows\pss
2017-09-08 18:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-01 14:11 - 2017-08-12 11:10 - 000053806 _____ C:\Users\Jezevec\Desktop\Beneš.rp

==================== Files in the root of some directories =======

2015-03-26 13:48 - 2015-03-26 13:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2017-06-24 16:19 - 2017-06-24 16:19 - 019110936 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-06-22 11:34 - 2017-06-01 13:34 - 000009125 _____ () C:\Users\Jezevec\AppData\Roaming\SmarThruOptions.xml
2016-06-24 21:05 - 2016-06-24 21:05 - 000003584 _____ () C:\Users\Jezevec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-23 16:09 - 2017-09-23 16:09 - 000140800 _____ () C:\Users\Jezevec\AppData\Local\installer.dat
2016-08-23 15:06 - 2016-08-23 15:06 - 000000001 _____ () C:\Users\Jezevec\AppData\Local\llftool.4.40.agreement
2017-10-01 18:08 - 2017-10-01 18:08 - 000029696 _____ () C:\Users\Jezevec\AppData\Local\MSGBOX.EXE
2017-04-13 13:11 - 2017-04-13 13:11 - 000000000 _____ () C:\Users\Jezevec\AppData\Local\{9F1DFCBA-091C-467A-ABE6-7DBDE974CB42}
2016-06-21 10:51 - 2016-06-21 10:51 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-30 00:54

==================== End of FRST.txt ============================

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 18:13
od Rudy
OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Windows\AutoKMS
C:\Users\Jezevec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 18:18
od datel32
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-10-2017
Ran by Jezevec (01-10-2017 19:16:37) Run:1
Running from C:\Users\Jezevec\Desktop
Loaded Profiles: Jezevec (Available Profiles: Jezevec)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\Windows\AutoKMS
C:\Users\Jezevec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\System\CurrentControlSet\Services\catchme => key removed successfully
catchme => service removed successfully
C:\Windows\AutoKMS => moved successfully
C:\Users\Jezevec\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 121760484 B
Java, Flash, Steam htmlcache => 946 B
Windows/system/drivers => 33048 B
Edge => 0 B
Chrome => 7800138 B
Firefox => 389566818 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 127850 B
systemprofile32 => 66228 B
LocalService => 66228 B
NetworkService => 66228 B
Jezevec => 85294132 B

RecycleBin => 219830 B
EmptyTemp: => 585 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:17:03 ====

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 19:12
od Rudy
Smazáno. Nastala nějaká změna?

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 19:17
od datel32
Dnes se neotevřelo žádné nežádoucí okno FF ale Avast 3x vyhodil tohle varování (od posledního scanu FRST 19:15)

Obrázek

Re: Avast hrozí a v FF vyskakují nová okna

Napsal: 01 říj 2017 20:15
od Rudy
Vyčistíme prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz