VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola, podezření na COM surrogate

https://forum.viry.cz:443/viewtopic.php?t=153686

Stránka 1 z 2

Kontrola, podezření na COM surrogate

Napsal: 01 úno 2018 22:18
od kakuki
Dobrý den, měla jsem disk vytížený na 100% a tak jsem ve správci hledala, co ho způsobuje. Mimo jiné se mi zobrazil COM surrogate, což je podle některých stránek nebezpečný trojský kůň. Nevím jestli zbytečně neblázním, ale počítač bych měla raději zkontrolovaný.
Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaroslav at 2018-02-01 22:11:05
Microsoft Windows 10 Home
System drive C: has 67 GB (36%) free of 183 GB
Total RAM: 3946 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:12, on 1.2.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0850)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\PROGRA~2\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe
C:\Program Files\trend micro\Jaroslav.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Gold! RemindBoard] C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRRE.EXE /EPT "EPLTarget\P0000000000000000" /M "L382 Series"
O4 - HKCU\..\Run: [Copernic Desktop Search] "C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe" /tray
O4 - HKCU\..\RunOnce: [Uninstall 17.3.7131.1115\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 17.3.7131.1115] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\17.3.7131.1115"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Sticky Notes.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem10.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11023 bytes

======Listing Processes======








c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection

C:\WINDOWS\system32\WLANExt.exe 2069062171376
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\WINDOWS\system32\BtwRSupportService.exe
C:\WINDOWS\system32\EscSvc64.exe

C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
dashost.exe {13200c0f-0a41-48ed-9bfa42c514166ec0}
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k networkservice -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -s DoSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
AvastUI.exe /nogui
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
taskhostw.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\System32\spoolsv.exe
C:\PROGRA~2\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7ffb83945720,0x7ffb83945760,0x7ffb83945738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=12120 --on-initialized-event-handle=648 --parent-handle=652 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --gpu-driver-date=11-4-2015 --service-request-channel-token=E82B4959F810495642F63846FEA4A173 --mojo-platform-channel-handle=1588 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=C735C522AAE10660B3789A0769BC19BD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=C735C522AAE10660B3789A0769BC19BD --renderer-client-id=4 --mojo-platform-channel-handle=3004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=EC0459A62808377E0953156273A33385 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=EC0459A62808377E0953156273A33385 --renderer-client-id=5 --mojo-platform-channel-handle=3040 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=9087B903238B27666FB13BC35BC3BBB3 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=9087B903238B27666FB13BC35BC3BBB3 --renderer-client-id=8 --mojo-platform-channel-handle=3176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=CEB9C0E7CCBE1F2752B225050DE00436 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=CEB9C0E7CCBE1F2752B225050DE00436 --renderer-client-id=9 --mojo-platform-channel-handle=3184 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=1A0EEF66E0BF99F5DA1D6743A64A1DF3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=1A0EEF66E0BF99F5DA1D6743A64A1DF3 --renderer-client-id=13 --mojo-platform-channel-handle=8000 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=CAF95FD41E4219C2D1FB83EE88F59C66 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=CAF95FD41E4219C2D1FB83EE88F59C66 --renderer-client-id=12 --mojo-platform-channel-handle=7956 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=E59D17DF29D3E57CFA7AD225814E7520 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=E59D17DF29D3E57CFA7AD225814E7520 --renderer-client-id=11 --mojo-platform-channel-handle=8868 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=39C6FF39AF918258D52E305A2EC6EDBA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=39C6FF39AF918258D52E305A2EC6EDBA --renderer-client-id=10 --mojo-platform-channel-handle=6056 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=A548F14E52A470C0058CF7BDE88179D6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=A548F14E52A470C0058CF7BDE88179D6 --renderer-client-id=24 --mojo-platform-channel-handle=10004 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=38E51B6980558D51AB95ADF226BE86F6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=38E51B6980558D51AB95ADF226BE86F6 --renderer-client-id=26 --mojo-platform-channel-handle=10232 /prefetch:1
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=0815599F6CA3A8476961135A03A66D14 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=0815599F6CA3A8476961135A03A66D14 --renderer-client-id=42 --mojo-platform-channel-handle=6940 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=2153EDF5FF93FD3B791F5BC28BC29D52 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=2153EDF5FF93FD3B791F5BC28BC29D52 --renderer-client-id=62 --mojo-platform-channel-handle=12632 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 664 668 676 8192 672
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,12300742199025597949,13534671281648646560,131072 --service-pipe-token=8EA1C5158950ABC168C75471D91125EB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=8EA1C5158950ABC168C75471D91125EB --renderer-client-id=66 --mojo-platform-channel-handle=4748 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x6d8
"C:\Users\Jaroslav\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Defraggler Volume C Task.job - C:\Program Files\Defraggler\df64.exe "C:" /ts /user "Jaroslav" /appPath "C:\Program Files\Defraggler"
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job - C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job - C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\EPSON L382 Series Update {2236B9FE-0473-465A-92DF-586F369B52F0}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE /EXE:"{2236B9FE-0473-465A-92DF-586F369B52F0}" /F:"Update"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-21 2149160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 14040296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-05 246120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-13 143144]
"OneDrive"=C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-31 1554080]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-07-18 3062560]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2018-01-29 5362760]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRRE.EXE [2014-11-14 417776]
"Copernic Desktop Search"=C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe /tray []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall 17.3.7131.1115\amd64"=C:\WINDOWS\system32\cmd.exe [2017-03-18 271872]
"Uninstall 17.3.7131.1115"=C:\WINDOWS\system32\cmd.exe [2017-03-18 271872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop]
C:\Program Files (x86)\4shared Desktop\desktop.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27 1171480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-14 1840720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-26 652624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart]
C:\ProgramData\MFAData\pack\avgrunasx.exe /usereg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Jaroslav\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Jaroslav\AppData\Roaming\Spotify\SpotifyWebHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert]
C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe [2010-02-22 442368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut11_C03C290FA6F54A2B8A2DFE2786A1E275.exe [2010-10-21 156952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]
"Gold! RemindBoard"=C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-03-14 1092304]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-10-08 2137744]

C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe
Sticky Notes.lnk -

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-01 22:11:05 ----D---- C:\rsit
2018-02-01 22:04:08 ----SHD---- C:\Config.Msi
2018-02-01 21:12:18 ----D---- C:\Users\Jaroslav\AppData\Roaming\Tracker Software
2018-02-01 20:40:42 ----D---- C:\ProgramData\Wondershare
2018-02-01 20:33:26 ----D---- C:\Users\Jaroslav\AppData\Roaming\Wondershare
2018-01-29 18:38:12 ----D---- C:\Users\Jaroslav\AppData\Roaming\.mono
2018-01-23 15:16:45 ----HD---- C:\$WINDOWS.~BT
2018-01-18 01:09:51 ----D---- C:\ProgramData\SWCUTemp
2018-01-17 21:50:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2018-01-17 21:50:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-01-17 21:50:12 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-01-17 21:50:12 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-01-17 21:50:12 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-01-17 21:50:11 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2018-01-17 21:50:11 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-01-17 21:50:11 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-01-17 21:50:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2018-01-17 21:50:11 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.Phone.dll
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\mapistub.dll
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\mapi32.dll
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2018-01-17 21:50:10 ----A---- C:\WINDOWS\SYSWOW64\fixmapi.exe
2018-01-17 21:50:04 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2018-01-17 21:50:04 ----A---- C:\WINDOWS\system32\BFE.DLL
2018-01-17 21:50:03 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-01-17 21:50:03 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-01-17 21:50:02 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-01-17 21:50:02 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-17 21:50:02 ----A---- C:\WINDOWS\system32\mapistub.dll
2018-01-17 21:50:02 ----A---- C:\WINDOWS\system32\mapi32.dll
2018-01-17 21:50:02 ----A---- C:\WINDOWS\system32\fixmapi.exe
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\NotificationController.dll
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\ci.dll
2018-01-17 21:50:01 ----A---- C:\WINDOWS\system32\certprop.dll
2018-01-17 21:50:00 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-01-17 21:50:00 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-01-17 21:50:00 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-01-17 21:50:00 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-01-17 21:49:59 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2018-01-17 21:49:59 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-01-17 21:49:58 ----A---- C:\WINDOWS\system32\twinui.dll
2018-01-17 21:49:55 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-01-17 21:49:55 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-01-17 21:49:55 ----A---- C:\WINDOWS\system32\provengine.dll
2018-01-17 21:49:55 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-17 21:49:54 ----A---- C:\WINDOWS\system32\WinSCard.dll
2018-01-17 21:49:54 ----A---- C:\WINDOWS\system32\vpnike.dll
2018-01-17 21:49:42 ----A---- C:\WINDOWS\system32\wldp.dll
2018-01-17 21:49:23 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-01-17 21:49:19 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2018-01-17 21:49:16 ----A---- C:\WINDOWS\system32\provdatastore.dll
2018-01-17 21:49:11 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-01-17 21:49:09 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-17 21:49:08 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2018-01-17 21:49:05 ----A---- C:\WINDOWS\system32\provops.dll
2018-01-17 21:48:57 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2018-01-17 21:48:49 ----A---- C:\WINDOWS\system32\SCardBi.dll
2018-01-12 17:41:59 ----AD---- C:\Program Files\rempl
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-01-08 14:03:53 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-01-08 14:03:52 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2018-01-08 14:03:52 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-01-08 14:03:52 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-01-08 14:03:51 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-01-08 14:03:51 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2018-01-08 14:03:51 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-01-08 14:03:51 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-01-08 14:03:50 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-01-08 14:03:50 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-01-08 14:03:50 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2018-01-08 14:03:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-01-08 14:03:49 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-01-08 14:03:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-01-08 14:03:44 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-01-08 14:03:44 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-01-08 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-01-08 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-01-08 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2018-01-08 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-01-08 14:03:43 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\SyncController.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-01-08 14:03:42 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-01-08 14:03:41 ----A---- C:\WINDOWS\SYSWOW64\ssdpapi.dll
2018-01-08 14:03:41 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-01-08 14:03:41 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-01-08 14:03:41 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-01-08 14:03:41 ----A---- C:\WINDOWS\system32\drivers\vmstorfl.sys
2018-01-08 14:03:41 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-01-08 14:03:41 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\wwapi.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\wshhyperv.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\taskcomp.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\SessEnv.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2018-01-08 14:03:40 ----A---- C:\WINDOWS\system32\drivers\vpci.sys
2018-01-08 14:03:40 ----A---- C:\WINDOWS\system32\drivers\storvsc.sys
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\xolehlp.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-01-08 14:03:39 ----A---- C:\WINDOWS\SYSWOW64\dot3dlg.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\wmiprop.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\rdvvmtransport.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\jsproxy.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\SYSWOW64\fdPnp.dll
2018-01-08 14:03:38 ----A---- C:\WINDOWS\system32\drivers\Synth3dVsc.sys
2018-01-08 14:03:38 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-01-08 14:03:38 ----A---- C:\WINDOWS\system32\drivers\rdpbus.sys
2018-01-08 14:03:38 ----A---- C:\WINDOWS\system32\drivers\dmvsc.sys
2018-01-08 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\PimIndexMaintenanceClient.dll
2018-01-08 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2018-01-08 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2018-01-08 14:03:37 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-01-08 14:03:37 ----A---- C:\WINDOWS\system32\drivers\vmgid.sys
2018-01-08 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-01-08 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2018-01-08 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2018-01-08 14:03:36 ----A---- C:\WINDOWS\SYSWOW64\fdWNet.dll
2018-01-08 14:03:33 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-01-08 14:03:32 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-01-08 14:03:32 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2018-01-08 14:03:32 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-01-08 14:03:32 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-01-08 14:03:32 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\utcutil.dll
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-08 14:03:30 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-01-08 14:03:29 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-01-08 14:03:29 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-01-08 14:03:28 ----A---- C:\WINDOWS\system32\SessEnv.dll
2018-01-08 14:03:28 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-08 14:03:28 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-01-08 14:03:28 ----A---- C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
2018-01-08 14:03:28 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\rdvvmtransport.dll
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\drivers\storqosflt.sys
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2018-01-08 14:03:27 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-01-08 14:03:26 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2018-01-08 14:03:26 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-01-08 14:03:25 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-01-08 14:03:25 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-01-08 14:03:25 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-08 14:03:25 ----A---- C:\WINDOWS\system32\offreg.dll
2018-01-08 14:03:25 ----A---- C:\WINDOWS\system32\ieui.dll
2018-01-08 14:03:24 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-01-08 14:03:24 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-01-08 14:03:24 ----A---- C:\WINDOWS\system32\mqqm.dll
2018-01-08 14:03:23 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-01-08 14:03:23 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-01-08 14:03:23 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\rmclient.dll
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\P2P.dll
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\msvcp110_win.dll
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\drivers\pcw.sys
2018-01-08 14:03:22 ----A---- C:\WINDOWS\system32\drivers\mqac.sys
2018-01-08 14:03:21 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-01-08 14:03:21 ----A---- C:\WINDOWS\system32\nsisvc.dll
2018-01-08 14:03:21 ----A---- C:\WINDOWS\system32\ncbservice.dll
2018-01-08 14:03:21 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys
2018-01-08 14:03:21 ----A---- C:\WINDOWS\splwow64.exe
2018-01-08 14:03:20 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-01-08 14:03:20 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-01-08 14:03:20 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-01-08 14:03:19 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-01-08 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-01-08 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-01-08 14:03:17 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-01-08 14:03:17 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-01-08 14:03:16 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-01-08 14:03:14 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-01-08 14:03:14 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-01-08 14:03:14 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-01-08 14:03:13 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2018-01-08 14:03:13 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-01-08 14:03:12 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-01-08 14:03:12 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-01-08 14:03:10 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-01-08 14:03:09 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-01-08 14:03:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-01-08 14:03:08 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-01-08 14:03:08 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-01-08 14:03:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-01-08 14:03:08 ----A---- C:\WINDOWS\system32\hal.dll
2018-01-08 14:03:07 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-01-08 14:03:07 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-01-08 14:03:07 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-01-08 14:03:07 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-01-08 14:03:06 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-01-08 14:03:06 ----A---- C:\WINDOWS\system32\jscript.dll
2018-01-08 14:03:05 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-01-08 14:03:04 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-08 14:03:04 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-01-08 14:03:03 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-01-08 14:03:03 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-01-08 14:03:02 ----A---- C:\WINDOWS\system32\ole32.dll
2018-01-08 14:03:02 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-01-08 14:03:01 ----A---- C:\WINDOWS\system32\wscsvc.dll
2018-01-08 14:03:01 ----A---- C:\WINDOWS\system32\psmsrv.dll
2018-01-08 14:03:00 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-01-08 14:03:00 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-01-08 14:02:59 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-01-08 14:02:56 ----A---- C:\WINDOWS\system32\winresume.exe
2018-01-08 14:02:56 ----A---- C:\WINDOWS\system32\winload.exe
2018-01-08 14:02:55 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-08 14:02:54 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-01-08 14:02:54 ----A---- C:\WINDOWS\system32\wc_storage.dll
2018-01-08 14:02:54 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-01-08 14:02:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-01-08 14:02:53 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-01-08 14:02:52 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-01-08 14:02:52 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2018-01-08 14:02:52 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-01-08 14:02:51 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-01-08 14:02:51 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-01-08 14:02:51 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-01-08 14:02:51 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2018-01-08 14:02:51 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-01-08 14:02:51 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-01-08 14:02:50 ----A---- C:\WINDOWS\SYSWOW64\msvcp110_win.dll
2018-01-08 14:02:50 ----A---- C:\WINDOWS\system32\drivers\vdrvroot.sys
2018-01-08 14:02:50 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2018-01-08 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\pngfilt.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\occache.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\JavaScriptCollectionAgent.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\inseng.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\SYSWOW64\imgutil.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\system32\xolehlp.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\system32\licmgr10.dll
2018-01-08 14:02:49 ----A---- C:\WINDOWS\system32\dot3dlg.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\SYSWOW64\licmgr10.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\system32\occache.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\system32\imgutil.dll
2018-01-08 14:02:48 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\inseng.dll
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\iesysprep.dll
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-01-08 14:02:47 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\pngfilt.dll
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\hlink.dll
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\drivers\msfs.sys
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\dot3svc.dll
2018-01-08 14:02:46 ----A---- C:\WINDOWS\system32\adhsvc.dll
2018-01-08 14:02:45 ----A---- C:\WINDOWS\SYSWOW64\iesysprep.dll
2018-01-08 14:02:45 ----A---- C:\WINDOWS\SYSWOW64\iesetup.dll
2018-01-08 14:02:45 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-01-08 14:02:45 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-01-08 14:02:45 ----A---- C:\WINDOWS\system32\drivers\irda.sys
2018-01-08 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\mshta.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\iexpress.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\ieUnatt.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\SYSWOW64\IEAdvpack.dll
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\wextract.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\mshta.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\ieUnatt.exe
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\iesetup.dll
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\iernonce.dll
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\IEAdvpack.dll
2018-01-08 14:02:44 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys
2018-01-08 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\wextract.exe
2018-01-08 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\url.dll
2018-01-08 14:02:43 ----A---- C:\WINDOWS\SYSWOW64\iernonce.dll
2018-01-08 14:02:43 ----A---- C:\WINDOWS\system32\url.dll
2018-01-08 14:02:43 ----A---- C:\WINDOWS\system32\iexpress.exe
2018-01-08 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\perfhost.exe
2018-01-08 14:02:42 ----A---- C:\WINDOWS\SYSWOW64\msfeedssync.exe
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\drivers\null.sys
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\container_xml.dll
2018-01-08 14:02:42 ----A---- C:\WINDOWS\system32\container.dll
2018-01-08 14:02:41 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-01-08 14:02:41 ----A---- C:\WINDOWS\system32\msrating.dll
2018-01-08 14:02:40 ----A---- C:\WINDOWS\system32\hvloader.exe
2018-01-08 14:02:40 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-01-08 14:02:40 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-01-08 14:02:39 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-01-08 14:02:39 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-01-08 14:02:39 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-01-08 14:02:39 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2018-01-08 14:02:39 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-01-08 14:02:38 ----A---- C:\WINDOWS\system32\msIso.dll
2018-01-08 14:02:38 ----A---- C:\WINDOWS\system32\kerberos.dll
2018-01-08 14:02:38 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-01-08 14:02:37 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-01-08 14:02:37 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-01-08 14:02:37 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-01-08 14:02:37 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-01-08 14:02:36 ----A---- C:\WINDOWS\system32\wininet.dll
2018-01-08 14:02:36 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-01-08 14:02:36 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-01-08 14:02:35 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-01-08 14:02:35 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-01-08 14:02:34 ----A---- C:\WINDOWS\system32\srvsvc.dll
2018-01-08 14:02:34 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2018-01-08 14:02:34 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-01-08 14:02:33 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-01-08 14:02:33 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-01-08 14:02:32 ----A---- C:\WINDOWS\system32\shell32.dll
2018-01-08 14:02:31 ----A---- C:\WINDOWS\system32\httpprxm.dll
2018-01-08 14:02:30 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2018-01-08 14:02:25 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 14:02:25 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-01-08 14:02:25 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-01-08 14:02:24 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-08 14:02:23 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-08 14:02:22 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2018-01-08 14:02:21 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2018-01-08 14:02:21 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-01-08 14:02:21 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-01-08 14:02:20 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2018-01-08 14:02:20 ----A---- C:\WINDOWS\system32\usocore.dll
2018-01-08 14:02:20 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-01-08 14:02:20 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-01-08 14:02:20 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-01-08 14:02:19 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-01-08 14:02:19 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-01-08 14:02:18 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-08 14:02:17 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-01-08 14:02:17 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-01-08 14:02:17 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-01-08 14:02:16 ----A---- C:\WINDOWS\system32\wow64.dll
2018-01-08 14:02:16 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-08 14:02:16 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-01-08 14:02:16 ----A---- C:\WINDOWS\system32\efssvc.dll
2018-01-08 14:02:15 ----A---- C:\WINDOWS\system32\skci.dll
2018-01-08 14:02:15 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-01-08 14:02:15 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-01-08 14:02:15 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-08 14:02:15 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-01-08 14:02:14 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-08 14:02:13 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-01-08 14:02:13 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-01-08 14:02:13 ----A---- C:\WINDOWS\system32\drivers\mup.sys
2018-01-08 14:02:13 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2018-01-08 14:02:13 ----A---- C:\WINDOWS\system32\consent.exe
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\wwapi.dll
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\LsaIso.exe
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\logoncli.dll
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\drivers\winhv.sys
2018-01-08 14:02:12 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\wshhyperv.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\IumSdk.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\iumdll.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\iumbase.dll
2018-01-08 14:02:11 ----A---- C:\WINDOWS\system32\hvhostsvc.dll
2018-01-08 14:02:10 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-01-08 14:02:10 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-01-08 14:02:10 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-01-08 14:02:10 ----A---- C:\WINDOWS\system32\icsvcext.dll
2018-01-08 14:02:10 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-01-08 14:02:09 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\jsproxy.dll
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\icsvc.dll
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\dssvc.dll
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\drivers\lltdio.sys
2018-01-08 14:02:08 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\wmiprop.dll
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\fdPnp.dll
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\efslsaext.dll
2018-01-08 14:02:07 ----A---- C:\WINDOWS\system32\drivers\winhvr.sys
2018-01-08 14:02:06 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-08 14:02:06 ----A---- C:\WINDOWS\system32\drivers\hyperkbd.sys
2018-01-08 14:02:06 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2018-01-08 14:02:05 ----A---- C:\WINDOWS\system32\drivers\vms3cap.sys
2018-01-08 14:02:05 ----A---- C:\WINDOWS\system32\drivers\vmgencounter.sys
2018-01-08 14:02:05 ----A---- C:\WINDOWS\system32\drivers\VMBusHID.sys
2018-01-08 14:02:05 ----A---- C:\WINDOWS\system32\drivers\gpuenergydrv.sys
2018-01-08 14:02:04 ----A---- C:\WINDOWS\system32\wkssvc.dll
2018-01-08 14:02:04 ----A---- C:\WINDOWS\system32\BrokerLib.dll
2018-01-08 14:02:03 ----A---- C:\WINDOWS\system32\WPTaskScheduler.dll
2018-01-08 14:02:03 ----A---- C:\WINDOWS\system32\TimeBrokerServer.dll
2018-01-08 14:02:03 ----A---- C:\WINDOWS\system32\sysntfy.dll
2018-01-08 14:02:03 ----A---- C:\WINDOWS\system32\keyiso.dll
2018-01-08 14:02:02 ----A---- C:\WINDOWS\system32\vmictimeprovider.dll
2018-01-08 14:02:02 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-01-08 14:02:02 ----A---- C:\WINDOWS\system32\nrpsrv.dll
2018-01-08 14:02:02 ----A---- C:\WINDOWS\system32\fdWNet.dll
2018-01-05 15:56:59 ----A---- C:\WINDOWS\system32\drivers\aswHdsKe.sys
2018-01-05 15:56:13 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-02-01 22:11:09 ----D---- C:\Program Files\trend micro
2018-02-01 22:08:56 ----D---- C:\WINDOWS\Temp
2018-02-01 22:04:28 ----SHD---- C:\WINDOWS\Installer
2018-02-01 22:04:28 ----D---- C:\ProgramData\Package Cache
2018-02-01 22:04:26 ----RD---- C:\Program Files
2018-02-01 22:04:26 ----HD---- C:\ProgramData
2018-02-01 22:04:12 ----D---- C:\WINDOWS\System32
2018-02-01 22:03:05 ----SHD---- C:\System Volume Information
2018-02-01 21:41:14 ----D---- C:\WINDOWS\system32\sru
2018-02-01 21:01:54 ----RD---- C:\Program Files (x86)
2018-02-01 21:01:22 ----D---- C:\WINDOWS\INF
2018-02-01 20:37:49 ----D---- C:\Program Files (x86)\Common Files
2018-02-01 20:37:11 ----D---- C:\WINDOWS\system32\config
2018-02-01 20:35:07 ----D---- C:\WINDOWS\WinSxS
2018-02-01 20:34:28 ----D---- C:\WINDOWS\SoftwareDistribution
2018-02-01 20:34:27 ----D---- C:\Windows
2018-02-01 11:28:18 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-01 11:11:53 ----HD---- C:\Program Files\WindowsApps
2018-02-01 11:11:53 ----D---- C:\WINDOWS\AppReadiness
2018-01-31 22:38:59 ----D---- C:\WINDOWS\system32\Tasks
2018-01-31 17:35:24 ----D---- C:\Users\Jaroslav\AppData\Roaming\Skype
2018-01-29 18:25:23 ----AD---- C:\Program Files (x86)\GOG Galaxy
2018-01-29 15:31:56 ----D---- C:\WINDOWS\system32\SleepStudy
2018-01-23 15:17:28 ----DC---- C:\WINDOWS\Panther
2018-01-23 15:01:52 ----D---- C:\WINDOWS\Logs
2018-01-22 15:39:37 ----D---- C:\WINDOWS\system32\drivers
2018-01-19 12:29:51 ----D---- C:\WINDOWS\rescache
2018-01-19 10:47:18 ----D---- C:\WINDOWS\system32\catroot2
2018-01-18 20:09:52 ----AD---- C:\Program Files (x86)\TeamSpeak 3 Client
2018-01-18 20:07:59 ----D---- C:\WINDOWS\debug
2018-01-18 01:05:33 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-01-18 01:05:33 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-01-18 01:05:33 ----D---- C:\WINDOWS\SysWOW64
2018-01-18 01:05:32 ----RSD---- C:\WINDOWS\Fonts
2018-01-18 01:05:32 ----D---- C:\WINDOWS\system32\Dism
2018-01-18 01:05:32 ----D---- C:\WINDOWS\system32\cs-CZ
2018-01-18 01:05:32 ----D---- C:\WINDOWS\system32\appraiser
2018-01-18 01:05:32 ----D---- C:\WINDOWS\Provisioning
2018-01-18 01:05:32 ----D---- C:\WINDOWS\AppPatch
2018-01-18 01:05:31 ----D---- C:\WINDOWS\system32\DriverStore
2018-01-17 22:04:27 ----D---- C:\WINDOWS\CbsTemp
2018-01-17 21:57:12 ----D---- C:\ProgramData\Microsoft Help
2018-01-11 14:58:02 ----D---- C:\WINDOWS\system32\MRT
2018-01-11 14:48:30 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 14:48:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-01-10 13:40:21 ----RD---- C:\WINDOWS\assembly
2018-01-10 07:48:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-09 23:12:48 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-01-09 23:12:48 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-01-09 23:12:42 ----SD---- C:\WINDOWS\system32\F12
2018-01-09 23:12:42 ----D---- C:\WINDOWS\system32\wbem
2018-01-09 23:12:42 ----D---- C:\WINDOWS\system32\migration
2018-01-09 23:12:41 ----D---- C:\WINDOWS\system32\Boot
2018-01-09 23:12:36 ----D---- C:\Program Files (x86)\Internet Explorer
2018-01-09 23:12:35 ----D---- C:\Program Files\Internet Explorer
2018-01-07 16:11:58 ----D---- C:\WINDOWS\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-01-05 199448]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-01-05 343768]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-01-05 57696]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-01-05 84384]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-01-05 358672]
R0 iaStor;@oem36.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2010-04-27 540696]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-01-05 185096]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-01-05 321512]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-01-05 149344]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-10 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-01-05 110336]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-01-05 1025176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-01-18 457896]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-01-01 8192]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-01-18 146648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-01-05 204456]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 AtiHDAudioService;@oem46.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 bcbtums;@oem10.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-10-28 170712]
R3 BCM43XX;@oem51.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BTHUSB;@Bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4519144]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-01-01 177664]
R3 Sftfs;Sftfs; C:\WINDOWS\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\WINDOWS\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-01-05 46976]
S3 BTHPORT;@Bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-09-11 982016]
S3 btwampfl;@oem10.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-10-28 166104]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;@oem59.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 ew_usbccgpfilter;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2017-04-11 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2018-01-01 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-01-01 120320]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\WINDOWS\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2010-11-11 15144]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;@oem42.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;@oem18.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

Bohužel se sem log nevešel, zbytek bude v komentářích.

Re: Kontrola, podezření na COM surrogate

Napsal: 01 úno 2018 22:18
od kakuki
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-05 301168]
R2 BcmBtRSupport;@oem10.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-10-28 2255064]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_d347aa;Uživatelská služba platformy připojených zařízení_d347aa; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2017-03-10 145224]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-04-11 192200]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-09-11 26112]
R2 OneSyncSvc_d347aa;Hostitel synchronizace_d347aa; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-09-17 312056]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-09-30 336320]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-01-05 7538536]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_d347aa;Data kontaktů_d347aa; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_d347aa;Tok zařízení_d347aa; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2018-01-29 532552]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2018-01-29 8345672]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_d347aa;Služba zasílání zpráv_d347aa; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2016-02-24 4362656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 891904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-07-18 1608480]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-17 272384]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2009-04-28 29184]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Re: Kontrola, podezření na COM surrogate

Napsal: 02 úno 2018 10:26
od Márty84
Zdravim :)

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Kontrola, podezření na COM surrogate

Napsal: 02 úno 2018 19:58
od kakuki
Log Adw

# AdwCleaner 7.0.7.0 - Logfile created on Fri Feb 02 18:47:31 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\Users\Jaroslav\AppData\Roaming\..\LocalLow\Microsoft\Internet Explorer\Services\\search_{EEE6C360-6118-11DC-9C72-001320C79847}.ico


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6C42038D-817A-472C-8C2A-EF46F1DA576D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{873C7DA8-195D-4D5A-B830-C5E2831901EA}
Deleted: [Key] - HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [4880 B] - [2017/5/6 20:36:8]
C:/AdwCleaner/AdwCleaner[S0].txt - [20100 B] - [2015/7/13 16:43:34]
C:/AdwCleaner/AdwCleaner[S1].txt - [4742 B] - [2017/5/6 20:35:9]
C:/AdwCleaner/AdwCleaner[S2].txt - [1597 B] - [2018/2/2 18:45:45]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Re: Kontrola, podezření na COM surrogate

Napsal: 03 úno 2018 10:03
od kakuki
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 02.02.18
Čas skenování: 20:06
Logovací soubor: 1cb3169a-084c-11e8-ae29-002454eca298.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3854
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 15063.877)
CPU: x64
Systém souborů: NTFS
Uživatel: HEL\u00c4\u008cA-NOTEBOOK\Jaroslav

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 504005
Zjištěné hrozby: 91
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 12 hod, 3 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 2
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\7723387C8593EA63, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}, Žádná uživatelská akce, [7517], [175227],1.0.3854

Soubor: 89
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\CHROMEUTILS\APNNATIVEMSGHOST.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\CHROMEUTILS\APNNATIVEMSGHOST.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TBCOFFER\TBCOFFER.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR_X64.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\{PARTNERID}\PASSPORT.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\TBNOTIFIER.EXE.VIR, Žádná uživatelská akce, [464], [124638],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\{PARTNERID}\PASSPORT_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\APNMCP.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SEARCHHOOK.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SO.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SERVICELOCATOR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.EXE.VIR, Žádná uživatelská akce, [464], [307953],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATEMANAGER.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBARPS.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\SOURCE\PROGRAM FILES\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\PASSPORT_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\FF3\PASSPORT.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\CHROMEUTILS\APNNATIVEMSGHOST.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR_X64.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\{PARTNERID}\PASSPORT_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\{PARTNERID}\PASSPORT.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATER\TBNOTIFIER.EXE.VIR, Žádná uživatelská akce, [464], [124638],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\APNMCP.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SEARCHHOOK.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SERVICELOCATOR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\SO.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.EXE.VIR, Žádná uživatelská akce, [464], [307953],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\TOOLBARPS.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\ASKPARTNERNETWORK\TOOLBAR\UPDATEMANAGER.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\SOURCE\PROGRAM FILES\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\PASSPORT.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\KMP-SAT\PASSPORT_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR_X64.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATER\TBNOTIFIER.EXE.VIR, Žádná uživatelská akce, [464], [124638],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\SEARCHHOOK.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\SERVICELOCATOR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.APNToolBar, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\APNSETUP.EXE.VIR, Žádná uživatelská akce, [5953], [76242],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\APNMCP.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\SO.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\UPDATEMANAGER.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\TOOLBARPS.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\ASKPARTNERNETWORK\TOOLBAR\TOOLBAR.EXE.VIR, Žádná uživatelská akce, [464], [307953],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\PROGRAM FILES (X86)\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\DHMZRPGFFKNF\APPDATA\LOCAL\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR_X64.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\JAROSLAV\APPDATA\LOCAL\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCLDR_X64.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRVSTUB_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\ASKPARTNERNETWORK\TOOLBAR\UPDATER\IDC\IDCSRV_X64.DLL.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.ASK.Generic, C:\ADWCLEANER\QUARANTINE\C\USERS\KRAVINY\APPDATA\LOCAL\VNT\VNTLDR.EXE.VIR, Žádná uživatelská akce, [1266], [345551],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\0.ini, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120526085111.log, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\20120604212416.log, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.dat, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.exe, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\Setup.ico, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\TsuDll.dll, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setup.dll, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.InstallMate, C:\ProgramData\InstallMate\{B01A9061-55EF-4AEF-9983-6BD5B2D76491}\_Setupx.dll, Žádná uživatelská akce, [7517], [175227],1.0.3854
PUP.Optional.SInstalator, C:\WINDOWS\SYSWOW64\SSINS.EXE, Žádná uživatelská akce, [4425], [43480],1.0.3854

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Kontrola, podezření na COM surrogate

Napsal: 03 úno 2018 10:11
od Márty84
Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (staci uz jen sken hrozeb, bude rychlejsi), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

Re: Kontrola, podezření na COM surrogate

Napsal: 03 úno 2018 13:58
od kakuki
Dobrý den, něco se objevilo:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 03.02.18
Čas skenování: 12:33
Logovací soubor: 09248994-08d6-11e8-b39e-002454eca298.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3857
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 15063.877)
CPU: x64
Systém souborů: NTFS
Uživatel: HEL\u00c4\u008cA-NOTEBOOK\Jaroslav

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 425327
Zjištěné hrozby: 4
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 14 min, 20 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 4
PUP.Optional.SweetPacks, C:\USERS\DHMZRPGFFKNF\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [964], [455283],1.0.3857
PUP.Optional.SweetPacks, C:\USERS\JAROSLAV\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Žádná uživatelská akce, [964], [455283],1.0.3857
PUP.Optional.SweetPacks, C:\USERS\JAROSLAV\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [964], [455283],1.0.3857
PUP.Optional.SweetPacks, C:\USERS\DHMZRPGFFKNF\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [964], [455283],1.0.3857

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Kontrola, podezření na COM surrogate

Napsal: 04 úno 2018 04:34
od Márty84
:arrow: Nalezy nechte odstranit, pak MBAM odinstalujte.

:arrow: Dejte logy podle tohoto navodu https://forum.viry.cz/viewtopic.php?f=13&t=152707 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

Re: Kontrola, podezření na COM surrogate

Napsal: 04 úno 2018 11:26
od kakuki
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Jaroslav (administrator) on HELČA-NOTEBOOK (04-02-2018 11:20:39)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav & Kraviny & DefaultAppPool)
Platform: Windows 10 Home Version 1703 15063.877 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe
(GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Jaroslav\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-09-17] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Gold! RemindBoard] => C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1092304 2016-03-14] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Dropbox Update] => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [6100552 2018-01-31] (GOG.com)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRRE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Copernic Desktop Search] => "C:\Program Files (x86)\Copernic\DesktopSearch\x64\Copernic.DesktopSearch.exe" /tray
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150016 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-08-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sticky Notes.lnk [2017-09-07]
ShortcutTarget: Sticky Notes.lnk -> (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4694aaa7-e6f5-48fe-b57d-63654c8464c6}: [DhcpNameServer] 213.46.172.36 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {3f8f0f37-95c0-4a85-87a4-641a896a1d35} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid ... arch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {5a77b724-ed9c-4fd6-987d-838b8e592594} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {de90e581-2b9c-41fe-b06c-0a75f99d9bc9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {df5f9b9f-bd36-4d62-b963-45b58f76bd26} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13169
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17] (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2701842232-1085011673-912201240-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jaroslav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eate ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default [2018-02-04]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-04-22]
CHR Extension: (Dokumenty) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (TimeDoser) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkneeaihlcdllananjlkmppnkdahdcc [2016-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Avast Passwords) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-02-02]
CHR Extension: (Avast SafePrice) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-16]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-01-30]
CHR Extension: (Page Refresh) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg [2016-05-23]
CHR Extension: (Little Alchemy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-04-22]
CHR Extension: (WorkFlowy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\koegeopamaoljbmhnfjbclbocehhgmkm [2017-10-13]
CHR Extension: (StayFocusd) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2017-09-18]
CHR Extension: (Foxkeh Theme) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfmcddmngjdmjmhhpcnbnmnkdhpjhef [2015-08-07]
CHR Extension: (PDF Merge - spojování souborů PDF) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndolbcaghkmhjhgggldkgjibdilpbdbm [2018-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-05-09]
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.3.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-03-10] (Seiko Epson Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [669256 2018-01-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-01-31] (GOG.com)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 lxdnCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-09-17] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-05] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457896 2018-01-18] (AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-11-11] (Windows (R) 2003 DDK 3790 provider)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2017-03-18] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-04 11:20 - 2018-02-04 11:22 - 000022170 _____ C:\Users\Jaroslav\Desktop\FRST.txt
2018-02-04 11:18 - 2018-02-04 11:18 - 000112640 _____ (forum.viry.cz) C:\Users\Jaroslav\Desktop\FRSTLauncher (1).exe
2018-02-04 11:17 - 2018-02-04 11:17 - 000112640 _____ (forum.viry.cz) C:\Users\Jaroslav\Desktop\Nepotvrzeno 503875.crdownload
2018-02-04 11:15 - 2018-02-04 11:16 - 002393088 _____ (Farbar) C:\Users\Jaroslav\Desktop\FRST64.exe
2018-02-03 17:09 - 2018-02-03 21:26 - 000000000 ____D C:\Atlas
2018-02-03 17:00 - 2018-02-03 17:00 - 000001323 _____ C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2018-02-03 16:59 - 2018-02-03 16:59 - 001710680 _____ C:\Users\Jaroslav\Documents\SetupVCD5500.exe
2018-02-03 16:59 - 2018-02-03 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2018-02-03 16:59 - 2018-02-03 16:59 - 000000000 ____D C:\Program Files (x86)\Elaborate Bytes
2018-02-03 13:53 - 2018-02-03 13:53 - 000002289 _____ C:\Users\Jaroslav\Desktop\malwareporestartu.txt
2018-02-03 12:24 - 2018-02-03 12:24 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-02-03 09:58 - 2018-02-03 09:58 - 000019783 _____ C:\Users\Jaroslav\Desktop\malwarebytes log.txt
2018-02-02 19:59 - 2018-02-02 20:00 - 082132184 _____ (Malwarebytes ) C:\Users\Jaroslav\Desktop\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3839.exe
2018-02-02 19:41 - 2018-02-02 19:41 - 008206624 _____ (Malwarebytes) C:\Users\Jaroslav\Desktop\adwcleaner_7.0.7.0.exe
2018-02-01 23:53 - 2018-02-01 23:53 - 000208565 _____ C:\Users\Jaroslav\Documents\Etika2.pdf
2018-02-01 22:11 - 2018-02-01 22:11 - 000000000 ____D C:\rsit
2018-02-01 22:10 - 2018-02-01 22:10 - 001222144 _____ C:\Users\Jaroslav\Desktop\RSITx64.exe
2018-02-01 21:12 - 2018-02-01 21:12 - 000000000 ____D C:\Users\Jaroslav\AppData\Roaming\Tracker Software
2018-02-01 21:01 - 2018-02-01 21:06 - 212145820 _____ C:\Users\Jaroslav\Desktop\Erich Fromm - Budete jako bohové.prn
2018-02-01 20:40 - 2018-02-01 20:40 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-01 20:37 - 2018-02-01 20:37 - 000000000 ____D C:\Users\Jaroslav\AppData\Local\Wondershare
2018-02-01 20:33 - 2018-02-01 21:01 - 000000000 ____D C:\Users\Jaroslav\AppData\Roaming\Wondershare
2018-02-01 20:30 - 2018-02-01 21:01 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-02-01 20:28 - 2018-02-01 20:28 - 000983264 _____ C:\Users\Jaroslav\Documents\pdfelement6-pro_setup_full2996.exe
2018-01-29 18:38 - 2018-01-29 18:38 - 000000000 ____D C:\Users\Jaroslav\AppData\Roaming\.mono
2018-01-23 15:16 - 2018-01-23 15:17 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-17 21:50 - 2018-01-12 01:24 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-17 21:50 - 2018-01-12 01:24 - 001021344 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-17 21:50 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-01-17 21:50 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-17 21:50 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-01-17 21:50 - 2018-01-12 01:21 - 008344984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-17 21:50 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-01-17 21:50 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-01-17 21:50 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-01-17 21:50 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-17 21:50 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-17 21:50 - 2018-01-12 00:44 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-01-17 21:50 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-01-17 21:50 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-01-17 21:50 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2018-01-17 21:50 - 2018-01-12 00:28 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-17 21:50 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-01-17 21:50 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-01-17 21:50 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-17 21:50 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-17 21:50 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2018-01-17 21:50 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-17 21:50 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2018-01-17 21:50 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-01-17 21:50 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-01-17 21:50 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-01-17 21:50 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-17 21:50 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-01-17 21:50 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-01-17 21:50 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-01-17 21:50 - 2018-01-12 00:21 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-01-17 21:50 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-01-17 21:50 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2018-01-17 21:50 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2018-01-17 21:50 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-01-17 21:50 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2018-01-17 21:50 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2018-01-17 21:49 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-17 21:49 - 2018-01-12 01:14 - 000070352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-01-17 21:49 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-01-17 21:49 - 2018-01-12 00:32 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-17 21:49 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-17 21:49 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-01-17 21:49 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-17 21:49 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-17 21:49 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-01-17 21:49 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-17 21:49 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-17 21:49 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-01-17 21:49 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-01-17 21:49 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-17 21:49 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-01-17 21:49 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-01-17 21:49 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2018-01-17 21:48 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-01-17 21:48 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-01-12 23:07 - 2018-01-14 15:08 - 000013313 _____ C:\Users\Jaroslav\Desktop\Já, Jirka a filmy.odt
2018-01-12 17:41 - 2018-01-31 15:08 - 000000000 ____D C:\Program Files\rempl
2018-01-08 14:03 - 2018-01-01 07:03 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-08 14:03 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-01-08 14:03 - 2018-01-01 03:26 - 000107416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-08 14:03 - 2018-01-01 03:24 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-08 14:03 - 2018-01-01 03:24 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-01-08 14:03 - 2018-01-01 03:24 - 000102808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-01-08 14:03 - 2018-01-01 03:24 - 000052632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-01-08 14:03 - 2018-01-01 03:23 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-08 14:03 - 2018-01-01 03:22 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-08 14:03 - 2018-01-01 03:22 - 001194784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-08 14:03 - 2018-01-01 03:22 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-08 14:03 - 2018-01-01 03:22 - 000119704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-01-08 14:03 - 2018-01-01 03:21 - 000587160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-08 14:03 - 2018-01-01 03:20 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-01-08 14:03 - 2018-01-01 03:19 - 000730008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-08 14:03 - 2018-01-01 03:19 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-08 14:03 - 2018-01-01 03:19 - 000164760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-08 14:03 - 2018-01-01 03:19 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-01-08 14:03 - 2018-01-01 03:19 - 000027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-01-08 14:03 - 2018-01-01 03:18 - 000110600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-01-08 14:03 - 2018-01-01 03:18 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-08 14:03 - 2018-01-01 03:16 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-08 14:03 - 2018-01-01 03:16 - 001107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-08 14:03 - 2018-01-01 03:16 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-08 14:03 - 2018-01-01 03:15 - 000083352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-08 14:03 - 2018-01-01 03:14 - 000159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-08 14:03 - 2018-01-01 03:09 - 000142744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-08 14:03 - 2018-01-01 03:09 - 000070224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-01-08 14:03 - 2018-01-01 03:08 - 001325960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-08 14:03 - 2018-01-01 03:07 - 000583688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-01-08 14:03 - 2018-01-01 03:03 - 000311704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-08 14:03 - 2018-01-01 02:52 - 000195768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-08 14:03 - 2018-01-01 02:50 - 000787704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-08 14:03 - 2018-01-01 02:49 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-08 14:03 - 2018-01-01 02:48 - 005828768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-08 14:03 - 2018-01-01 02:48 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-08 14:03 - 2018-01-01 02:48 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-01-08 14:03 - 2018-01-01 02:47 - 001998416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-08 14:03 - 2018-01-01 02:47 - 000433888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-08 14:03 - 2018-01-01 02:47 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-01-08 14:03 - 2018-01-01 02:47 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-01-08 14:03 - 2018-01-01 02:46 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-08 14:03 - 2018-01-01 02:46 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-01-08 14:03 - 2018-01-01 02:45 - 020374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-08 14:03 - 2018-01-01 02:45 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-08 14:03 - 2018-01-01 02:43 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-08 14:03 - 2018-01-01 02:42 - 000480912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-08 14:03 - 2018-01-01 02:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-01-08 14:03 - 2018-01-01 02:41 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-01-08 14:03 - 2018-01-01 02:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-01-08 14:03 - 2018-01-01 02:40 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2018-01-08 14:03 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-08 14:03 - 2018-01-01 02:40 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-01-08 14:03 - 2018-01-01 02:40 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-01-08 14:03 - 2018-01-01 02:40 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-08 14:03 - 2018-01-01 02:40 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-01-08 14:03 - 2018-01-01 02:39 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-08 14:03 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-08 14:03 - 2018-01-01 02:39 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-01-08 14:03 - 2018-01-01 02:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-01-08 14:03 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-01-08 14:03 - 2018-01-01 02:38 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-08 14:03 - 2018-01-01 02:38 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-08 14:03 - 2018-01-01 02:38 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-08 14:03 - 2018-01-01 02:38 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-08 14:03 - 2018-01-01 02:38 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 023683072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-08 14:03 - 2018-01-01 02:37 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-08 14:03 - 2018-01-01 02:37 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-08 14:03 - 2018-01-01 02:37 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-08 14:03 - 2018-01-01 02:36 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-08 14:03 - 2018-01-01 02:36 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-08 14:03 - 2018-01-01 02:36 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-08 14:03 - 2018-01-01 02:36 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-01-08 14:03 - 2018-01-01 02:35 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-01-08 14:03 - 2018-01-01 02:34 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-01-08 14:03 - 2018-01-01 02:34 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 001380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-08 14:03 - 2018-01-01 02:33 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ssdpapi.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-08 14:03 - 2018-01-01 02:32 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-08 14:03 - 2018-01-01 02:32 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-01-08 14:03 - 2018-01-01 02:32 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-01-08 14:03 - 2018-01-01 02:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3dlg.dll
2018-01-08 14:03 - 2018-01-01 02:31 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-08 14:03 - 2018-01-01 02:31 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-08 14:03 - 2018-01-01 02:31 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-08 14:03 - 2018-01-01 02:31 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-01-08 14:03 - 2018-01-01 02:31 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-08 14:03 - 2018-01-01 02:31 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 020514304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 004719104 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-08 14:03 - 2018-01-01 02:30 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-08 14:03 - 2018-01-01 02:29 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-01-08 14:03 - 2018-01-01 02:28 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-08 14:03 - 2018-01-01 02:28 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-01-08 14:03 - 2018-01-01 02:28 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-01-08 14:03 - 2018-01-01 02:28 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-08 14:03 - 2018-01-01 02:28 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-08 14:03 - 2018-01-01 02:27 - 006249472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-08 14:03 - 2018-01-01 02:27 - 000946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-08 14:03 - 2018-01-01 02:27 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-08 14:03 - 2018-01-01 02:27 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-01-08 14:03 - 2018-01-01 02:26 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-08 14:03 - 2018-01-01 02:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-08 14:03 - 2018-01-01 02:26 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-08 14:03 - 2018-01-01 02:26 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-01-08 14:03 - 2018-01-01 02:26 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-01-08 14:03 - 2018-01-01 02:26 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2018-01-08 14:03 - 2018-01-01 02:26 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-01-08 14:03 - 2018-01-01 02:25 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-08 14:03 - 2018-01-01 02:24 - 003651072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-08 14:03 - 2018-01-01 02:24 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-08 14:03 - 2018-01-01 02:24 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-08 14:03 - 2018-01-01 02:24 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-08 14:03 - 2018-01-01 02:24 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-01-08 14:03 - 2018-01-01 02:23 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-08 14:03 - 2018-01-01 02:23 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-01-08 14:03 - 2018-01-01 02:22 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-01-08 14:03 - 2018-01-01 02:21 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-01-08 14:03 - 2018-01-01 02:21 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2018-01-08 14:03 - 2018-01-01 02:20 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-01-08 14:03 - 2018-01-01 02:20 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2018-01-08 14:03 - 2018-01-01 02:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-08 14:03 - 2018-01-01 02:18 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-01-08 14:03 - 2018-01-01 02:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-01-08 14:03 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-01-08 14:03 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000544152 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-08 14:02 - 2018-01-01 03:27 - 000382864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000264536 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-01-08 14:02 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-01-08 14:02 - 2018-01-01 03:27 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000020376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-01-08 14:02 - 2018-01-01 03:27 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-01-08 14:02 - 2018-01-01 03:25 - 001065608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-08 14:02 - 2018-01-01 03:25 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-08 14:02 - 2018-01-01 03:24 - 001188544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-08 14:02 - 2018-01-01 03:24 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-08 14:02 - 2018-01-01 03:24 - 000105880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-01-08 14:02 - 2018-01-01 03:24 - 000033688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-01-08 14:02 - 2018-01-01 03:23 - 000386456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-08 14:02 - 2018-01-01 03:22 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-08 14:02 - 2018-01-01 03:21 - 000328616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-08 14:02 - 2018-01-01 03:21 - 000063896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-08 14:02 - 2018-01-01 03:20 - 007319912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-08 14:02 - 2018-01-01 03:20 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-08 14:02 - 2018-01-01 03:20 - 000524760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-08 14:02 - 2018-01-01 03:20 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-08 14:02 - 2018-01-01 03:19 - 002466392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-08 14:02 - 2018-01-01 03:19 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-08 14:02 - 2018-01-01 03:19 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000282520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000247472 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-01-08 14:02 - 2018-01-01 03:19 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000118680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000082328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000054168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-01-08 14:02 - 2018-01-01 03:19 - 000018672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-01-08 14:02 - 2018-01-01 03:18 - 021354736 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-08 14:02 - 2018-01-01 03:18 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-01-08 14:02 - 2018-01-01 03:18 - 000316240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-08 14:02 - 2018-01-01 03:18 - 000175800 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-08 14:02 - 2018-01-01 03:18 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-01-08 14:02 - 2018-01-01 03:17 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2018-01-08 14:02 - 2018-01-01 03:15 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-08 14:02 - 2018-01-01 03:15 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-08 14:02 - 2018-01-01 03:10 - 000100800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-01-08 14:02 - 2018-01-01 03:09 - 000434072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-08 14:02 - 2018-01-01 03:09 - 000114584 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-08 14:02 - 2018-01-01 02:52 - 023680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-08 14:02 - 2018-01-01 02:44 - 000411184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-01-08 14:02 - 2018-01-01 02:42 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-08 14:02 - 2018-01-01 02:42 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-08 14:02 - 2018-01-01 02:42 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-01-08 14:02 - 2018-01-01 02:42 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-08 14:02 - 2018-01-01 02:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-01-08 14:02 - 2018-01-01 02:41 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-01-08 14:02 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-01-08 14:02 - 2018-01-01 02:41 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-08 14:02 - 2018-01-01 02:41 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-01-08 14:02 - 2018-01-01 02:41 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-01-08 14:02 - 2018-01-01 02:40 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\container_xml.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-01-08 14:02 - 2018-01-01 02:40 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-01-08 14:02 - 2018-01-01 02:40 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-01-08 14:02 - 2018-01-01 02:40 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-01-08 14:02 - 2018-01-01 02:40 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-01-08 14:02 - 2018-01-01 02:39 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-01-08 14:02 - 2018-01-01 02:39 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-01-08 14:02 - 2018-01-01 02:39 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-01-08 14:02 - 2018-01-01 02:39 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-01-08 14:02 - 2018-01-01 02:39 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-01-08 14:02 - 2018-01-01 02:38 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-01-08 14:02 - 2018-01-01 02:38 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-01-08 14:02 - 2018-01-01 02:38 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-01-08 14:02 - 2018-01-01 02:38 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-01-08 14:02 - 2018-01-01 02:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-01-08 14:02 - 2018-01-01 02:37 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-08 14:02 - 2018-01-01 02:36 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-01-08 14:02 - 2018-01-01 02:35 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-01-08 14:02 - 2018-01-01 02:35 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-01-08 14:02 - 2018-01-01 02:35 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-08 14:02 - 2018-01-01 02:35 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-01-08 14:02 - 2018-01-01 02:35 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-01-08 14:02 - 2018-01-01 02:35 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-01-08 14:02 - 2018-01-01 02:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-01-08 14:02 - 2018-01-01 02:34 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-01-08 14:02 - 2018-01-01 02:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-01-08 14:02 - 2018-01-01 02:33 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-01-08 14:02 - 2018-01-01 02:33 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-01-08 14:02 - 2018-01-01 02:33 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-01-08 14:02 - 2018-01-01 02:32 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-08 14:02 - 2018-01-01 02:32 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-08 14:02 - 2018-01-01 02:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-01-08 14:02 - 2018-01-01 02:32 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-01-08 14:02 - 2018-01-01 02:32 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-01-08 14:02 - 2018-01-01 02:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-01-08 14:02 - 2018-01-01 02:31 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-08 14:02 - 2018-01-01 02:31 - 001398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-08 14:02 - 2018-01-01 02:31 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-08 14:02 - 2018-01-01 02:31 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-08 14:02 - 2018-01-01 02:30 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-08 14:02 - 2018-01-01 02:30 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-08 14:02 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-08 14:02 - 2018-01-01 02:30 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-08 14:02 - 2018-01-01 02:30 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-01-08 14:02 - 2018-01-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 002426368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-01-08 14:02 - 2018-01-01 02:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-01-08 14:02 - 2018-01-01 02:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-08 14:02 - 2018-01-01 02:26 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-08 14:02 - 2018-01-01 02:26 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-08 14:02 - 2018-01-01 02:25 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-01-08 14:02 - 2018-01-01 02:25 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2018-01-08 14:02 - 2018-01-01 02:25 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-01-08 14:02 - 2018-01-01 02:24 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-08 14:02 - 2018-01-01 02:23 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-01-08 14:02 - 2018-01-01 02:23 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-01-08 14:02 - 2018-01-01 02:23 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-01-08 14:02 - 2018-01-01 02:23 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-01-08 14:02 - 2018-01-01 02:23 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-01-08 14:02 - 2018-01-01 02:23 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-01-08 14:02 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-08 14:02 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-01-08 14:02 - 2018-01-01 02:23 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-01-08 14:02 - 2018-01-01 02:23 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-01-08 14:02 - 2018-01-01 02:18 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-01-05 15:56 - 2018-01-05 15:56 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-01-05 15:56 - 2018-01-05 15:55 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-04 11:20 - 2017-05-07 22:10 - 000000000 ____D C:\FRST
2018-02-04 11:11 - 2015-07-16 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-04 11:10 - 2017-09-11 10:55 - 000000000 ____D C:\Users\Kraviny
2018-02-04 11:00 - 2017-09-11 10:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-03 20:05 - 2017-09-11 10:55 - 000000000 ____D C:\Users\DefaultAppPool
2018-02-03 19:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-03 17:00 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-03 12:22 - 2017-09-11 10:55 - 000000000 ____D C:\Users\Jaroslav
2018-02-03 12:21 - 2017-09-11 11:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-03 12:19 - 2012-03-10 09:04 - 000000000 ____D C:\ProgramData\InstallMate
2018-02-03 09:42 - 2017-08-17 14:32 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-03 06:39 - 2017-09-11 11:22 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-02 20:51 - 2017-04-01 06:24 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-02-02 19:48 - 2017-03-18 12:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2018-02-02 19:47 - 2015-07-13 17:41 - 000000000 ____D C:\AdwCleaner
2018-02-02 18:40 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-01 22:11 - 2015-07-13 08:20 - 000000000 ____D C:\Program Files\trend micro
2018-02-01 22:04 - 2017-09-11 10:53 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-31 22:38 - 2017-09-11 11:22 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2701842232-1085011673-912201240-1000
2018-01-31 22:38 - 2017-05-28 19:36 - 000002440 _____ C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-31 22:38 - 2015-08-07 07:58 - 000000000 ___RD C:\Users\Jaroslav\OneDrive
2018-01-31 17:35 - 2013-05-30 21:51 - 000000000 ____D C:\Users\Jaroslav\AppData\Roaming\Skype
2018-01-29 21:28 - 2016-05-20 19:11 - 000000000 ____D C:\Users\Jaroslav\Desktop\Tábor
2018-01-29 19:04 - 2017-04-01 06:27 - 000001422 _____ C:\Users\Public\Desktop\Gwent.lnk
2018-01-29 19:04 - 2017-04-01 06:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2018-01-29 18:29 - 2017-08-27 19:05 - 000000000 ____D C:\Users\Jaroslav\Desktop\blbůstky
2018-01-19 12:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-01-18 20:21 - 2014-02-03 20:19 - 000000000 ___RD C:\Users\Jaroslav\Documents\Scanned Documents
2018-01-18 20:10 - 2015-08-07 07:52 - 000000000 ____D C:\Users\Jaroslav\AppData\Local\Packages
2018-01-18 20:09 - 2015-03-08 18:40 - 000000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2018-01-18 11:16 - 2017-02-08 13:04 - 000457896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-01-18 11:16 - 2017-02-08 13:04 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-01-18 01:09 - 2017-09-11 10:47 - 005137248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-18 01:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-18 01:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-18 01:05 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-18 01:05 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-17 22:04 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-11 14:58 - 2013-08-14 21:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-11 14:48 - 2017-10-12 21:34 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-11 14:48 - 2011-07-24 14:48 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 07:48 - 2017-09-11 10:54 - 002669374 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-10 07:48 - 2017-03-20 05:43 - 001166020 _____ C:\WINDOWS\system32\perfh005.dat
2018-01-10 07:48 - 2017-03-20 05:43 - 000288554 _____ C:\WINDOWS\system32\perfc005.dat
2018-01-10 07:45 - 2015-08-07 07:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-09 23:12 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-09 23:12 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-09 18:00 - 2011-07-07 20:16 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-07 16:11 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-05 15:57 - 2017-06-06 16:55 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-01-05 15:56 - 2017-11-18 11:41 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-01-05 15:56 - 2017-02-08 13:04 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-01-05 15:56 - 2017-02-08 13:04 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-01-05 15:56 - 2017-02-08 13:04 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-01-05 15:56 - 2017-02-08 13:04 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-01-05 15:56 - 2017-02-08 13:04 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-01-05 15:55 - 2017-02-08 13:04 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-01-05 15:55 - 2017-02-08 13:04 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-01-05 15:55 - 2017-02-08 13:04 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-01-05 15:55 - 2017-02-08 13:04 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-01-05 15:55 - 2017-02-08 13:04 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys

==================== Files in the root of some directories =======

2014-01-20 19:00 - 2014-01-20 19:05 - 407010384 _____ (Microsoft Corporation) C:\Program Files\SetupUtility.exe
2014-01-20 20:17 - 2014-01-20 20:17 - 001785512 _____ () C:\Program Files\wrar500cz.exe
2015-08-07 08:02 - 2015-08-07 08:02 - 000000000 _____ () C:\Program Files (x86)\Common Files\AMD
2013-08-16 20:54 - 2013-08-16 20:54 - 000000176 _____ () C:\Users\Jaroslav\AppData\Roaming\default.rss
2015-09-29 20:49 - 2017-08-27 19:16 - 000000261 _____ () C:\Users\Jaroslav\AppData\Roaming\FotoSketcher.ini
2015-07-14 21:06 - 2015-07-14 21:07 - 000030720 ___SH () C:\Users\Jaroslav\AppData\Roaming\Thumbs.db
2014-04-09 20:11 - 2015-01-02 10:49 - 000020344 _____ () C:\Users\Jaroslav\AppData\Roaming\UserTile.png
2014-09-17 20:26 - 2014-10-10 15:28 - 000000672 _____ () C:\Users\Jaroslav\AppData\Roaming\__AvidCloudManager.log
2014-09-17 20:26 - 2014-09-17 20:31 - 000000670 _____ () C:\Users\Jaroslav\AppData\Roaming\__AvidCloudManagerPrevious.log
2013-06-13 20:36 - 2014-11-23 20:02 - 000007168 _____ () C:\Users\Jaroslav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-07 15:05 - 2017-08-20 16:31 - 000007614 _____ () C:\Users\Jaroslav\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L382 Series Update {2236B9FE-0473-465A-92DF-586F369B52F0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE:/EXE:{2236B9FE-0473-465A-92DF-586F369B52F0} /F:UpdateWORKGROUP\HELČA-NOTEBOOK$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jaroslav\Desktop" je 16028 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop
"C:\Program Files (x86)\4shared Desktop\desktop.exe" "startup" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart
"C:\ProgramData\MFAData\pack\avgrunasx.exe" /usereg [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\Jaroslav\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Jaroslav\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert
"C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe" /st [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher
"C:\Program Files\Zune\ZuneLauncher.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk
C:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut11_C03C290FA6F54A2B8A2DFE2786A1E275.exe /f=srs_premium_sound_noext_nogame.zip /h [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Re: Kontrola, podezření na COM surrogate

Napsal: 04 úno 2018 11:56
od Márty84
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jaroslav\Desktop" je 16028 MB.
:arrow: Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :)



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Dropbox Update] => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)

BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eater/","hxxps://www.google.com/"
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.3.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx <not found>


Task: C:\WINDOWS\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L382 Series Update {2236B9FE-0473-465A-92DF-586F369B52F0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE:/EXE:{2236B9FE-0473-465A-92DF-586F369B52F0} /F:UpdateWORKGROUP\HELČA-NOTEBOOK$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Re: Kontrola, podezření na COM surrogate

Napsal: 04 úno 2018 14:30
od kakuki
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Jaroslav (04-02-2018 14:18:11) Run:2
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav & Kraviny & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Dropbox Update] => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)

BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eate ... oogle.com/"
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.3.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx <not found>


Task: C:\WINDOWS\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON L382 Series Update {2236B9FE-0473-465A-92DF-586F369B52F0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRRE.EXE:/EXE:{2236B9FE-0473-465A-92DF-586F369B52F0} /F:UpdateWORKGROUP\HEL�A-NOTEBOOK$CSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Dropbox Update" => removed successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => removed successfully
HKLM\Software\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found
"HKLM\Software\Classes\PROTOCOLS\Handler\skypec2c" => removed successfully
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found
"Chrome StartupUrls" => removed successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\eibfgbclmgnmffinenpipoibfdoblond" => removed successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\fkfpcckoflkdgjdobdkpclgngaahgbpi" => removed successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\ghoooididkjbjjldgojdgceoinbhbjmh" => removed successfully
"HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\lelcohngbjgpiibagnfmncojacafbbpg" => removed successfully
C:\WINDOWS\Tasks\Defraggler Volume C Task.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job => moved successfully
C:\WINDOWS\Tasks\EPSON L382 Series Update {2236B9FE-0473-465A-92DF-586F369B52F0}.job => moved successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert" => removed successfully
"HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 66014145 B
Java, Flash, Steam htmlcache => 118233568 B
Windows/system/drivers => 5340 B
Edge => 302 B
Chrome => 782112993 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 6530 B
NetworkService => 0 B
Jaroslav => 22879539 B
Kraviny => 23311 B
DefaultAppPool => 0 B

RecycleBin => 710313796 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:22:36 ====

Re: Kontrola, podezření na COM surrogate

Napsal: 05 úno 2018 13:27
od Márty84
:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak to s pc vypada.

Re: Kontrola, podezření na COM surrogate

Napsal: 08 úno 2018 20:25
od kakuki
Dobrý den, CCleaner a Defraggler už pár let mám a pravidelně je používám.
Počítač funguje jako vždy, někdy je pomalejší někdy rychlejší :)
Myslíte tedy, že COM surrogate se nemusím bát?

Re: Kontrola, podezření na COM surrogate

Napsal: 09 úno 2018 10:44
od Márty84
kakuki píše:Myslíte tedy, že COM surrogate se nemusím bát?
Porad se nekde neco ukazuje?


:arrow: Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Re: Kontrola, podezření na COM surrogate

Napsal: 09 úno 2018 17:33
od kakuki
Ano, bohužel, když otevřu Správce úloh, stále se mi zobrazuje úloha COM surrogate, která ale okamžitě zmizí.

----------------------------------------------------------------------------
CrystalDiskInfo 7.5.1 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 15063] (x64)
Date : 2018/02/09 17:11:03

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- WDC WD5000BEVT-35A0RT0
- TSSTcorp CDDVDW TS-L633J
- Řadič prostorů úložišť [SCSI]
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEVT-35A0RT0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000BEVT-35A0RT0
----------------------------------------------------------------------------
Model : WDC WD5000BEVT-35A0RT0
Firmware : 01.01A01
Serial Number : WD-WXG1A9064290
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 8876 hod.
Power On Count : 3889 krát
Temperature : 41 C (105 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : 80FEh [OFF]
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000001 Počet chyb čtení
03 186 183 _21 000000000693 Čas na roztočení ploten
04 _97 _97 __0 000000000F67 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _88 _88 __0 0000000022AC Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000F31 Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000004C Počet vypnutí disku
C1 __1 __1 __0 0000000D61E7 Počet cyklů načítání/vymazání
C2 106 _96 __0 000000000029 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4731 4139 3036 3432 3930
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3530 3030 4245 5654 2D33 3541 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 0045
090: 0045 0080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE6
110: AB42 0AC6 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 01 00 00 00 00 00 00 03 27
010: 00 BA B7 93 06 00 00 00 00 00 04 32 00 61 61 67
020: 0F 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 58 58 AC 22 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 31 0F 00 00 00 00 00 C0 32
070: 00 C8 C8 4C 00 00 00 00 00 00 C1 32 00 01 01 E7
080: 61 0D 00 00 00 00 C2 22 00 6A 60 29 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 F8 34 01 7B
170: 03 00 01 00 02 9E 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CA

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A7
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz