VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Outlook odesílá sám emaily

https://forum.viry.cz:443/viewtopic.php?t=154616

Stránka 1 z 1

Outlook odesílá sám emaily

Napsal: 07 srp 2018 18:01
od greatone
Dobrý den,

Prosím o kontrolu PC kamarádky. Chodí ji emaily od ní samotné...(používá pouze outlook v tomto PC) + už se teď nemůže ani dostat do emailu. Něco jí údajně změnilo heslo...
Měla neaktualizované windows, používala sice spybot ale i ten byl ve verzi 1.6.2 s taky neaktuální... Vše jsem aktualizoval, a zkontroloval PC spybotem a mbamem. Našlo to přes 50 záznamů o infekci, bohužel sem omlouvám neuložil jsem si co to našlo...
Moc Vás tedy prosím podívejte se mi na to ještě.

Velice děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Katka at 2018-08-07 18:38:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (28%) free of 100 GB
Total RAM: 3293 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:51, on 7.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ESET\ESET Security\egui.exe
C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Katka\Desktop\RSIT.exe
C:\Program Files\trend micro\Katka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Katka\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Security\ecmds.exe" /launch /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1411
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 7714 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\yrw4ptwp.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=ssl"
prefs.js - "keyword.URL" - "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\Katka\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-10-25 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
""= []
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-07-30 170128]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2018-04-20 6788032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1411 []

C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-07 18:38:35 ----D---- C:\Program Files\trend micro
2018-08-07 18:38:34 ----D---- C:\rsit
2018-08-07 18:32:36 ----A---- C:\Windows\system32\poqexec.exe
2018-08-07 07:53:10 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-08-07 07:52:26 ----A---- C:\Windows\system32\wksprt.exe
2018-08-07 07:52:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-08-07 07:52:26 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-08-07 07:52:26 ----A---- C:\Windows\system32\mstscax.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\rdpudd.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\rdpcorets.dll
2018-08-06 22:47:08 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-08-06 22:47:04 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-08-06 22:29:58 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-08-06 22:29:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-08-06 22:29:46 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-08-06 22:29:45 ----A---- C:\Windows\system32\wksprtPS.dll
2018-08-06 22:29:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-08-06 22:29:45 ----A---- C:\Windows\system32\mstsc.exe
2018-08-06 22:29:45 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-08-06 22:03:34 ----SHD---- C:\Config.Msi
2018-08-06 22:02:20 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\vbscript.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\KernelBase.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\hlink.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\gdi32.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\FntCache.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\drivers\luafv.sys
2018-08-06 21:57:50 ----A---- C:\Windows\system32\cdd.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\basecsp.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\wlansec.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\wlanapi.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\win32k.sys
2018-08-06 21:57:49 ----A---- C:\Windows\system32\UtcResources.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\usp10.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\scksp.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\rtm.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\jsproxy.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\iprtprio.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\ieUnatt.exe
2018-08-06 21:57:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\fontsub.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\DWrite.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\wlanmsm.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\wlanhlp.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\t2embed.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\kernel32.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\jscript.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\iprtrmgr.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\icm32.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-08-06 21:57:48 ----A---- C:\Windows\system32\diagtrack.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\atmlib.dll
2018-08-06 21:57:47 ----A---- C:\Windows\system32\wininet.dll
2018-08-06 21:57:47 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-06 21:57:46 ----A---- C:\Windows\system32\ieui.dll
2018-08-06 21:57:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-08-06 21:57:45 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-06 21:57:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-06 21:57:44 ----A---- C:\Windows\system32\iertutil.dll
2018-08-06 21:57:43 ----A---- C:\Windows\system32\jscript9.dll
2018-08-06 21:57:42 ----A---- C:\Windows\system32\wlansvc.dll
2018-08-06 21:57:42 ----A---- C:\Windows\system32\webservices.dll
2018-08-06 21:57:41 ----A---- C:\Windows\system32\mshtml.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\wups.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\winnsi.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\wdigest.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\tzres.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\schannel.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\pcalua.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msxml6r.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msxml3r.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mstext40.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mssitlb.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msexch40.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mferror.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-08-06 21:57:40 ----A---- C:\Windows\system32\drivers\fastfat.sys
2018-08-06 21:57:40 ----A---- C:\Windows\system32\dciman32.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\msnetobj.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\drmmgrtn.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\drivers\exfat.sys
2018-08-06 21:57:39 ----A---- C:\Windows\system32\cryptbase.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\blackbox.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\AUDIOKSE.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wvc.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wups2.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wpnpinst.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\spoolsv.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\rrinstaller.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mssrch.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mssprxy.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\msscntrs.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mmcshext.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\inetppui.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\IcCoinstall.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\credssp.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\asycfilt.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\wkssvc.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\sscore.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\samlib.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\pcaevts.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\olepro32.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\nsisvc.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\icaapi.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\drmv2clt.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-08-06 21:57:37 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\traffic.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\rpchttp.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\rdpcore.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\P2P.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\msscp.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\mfps.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\mfpmp.exe
2018-08-06 21:57:36 ----A---- C:\Windows\system32\EncDump.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\ci.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\bcryptprimitives.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\AudioSes.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\audiodg.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\win32spl.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\UIAnimation.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\tquery.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\srvsvc.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\scesrv.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\samsrv.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\qdvd.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\ntprint.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msxml3.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msihnd.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msiexec.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\mmc.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\mfmjpegdec.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\lsass.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\lpk.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\kerberos.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\inetpp.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\evr.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\cic.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\catsrvut.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\advapi32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wsnmp32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wmdrmsdk.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wintrust.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\WinSCard.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\TabSvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\rpcss.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\pcadm.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\p2psvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\oleaut32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\MPSSVC.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\mprdim.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\mfplat.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2018-08-06 21:57:34 ----A---- C:\Windows\system32\drivers\cng.sys
2018-08-06 21:57:34 ----A---- C:\Windows\system32\davclnt.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\cryptsvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\cryptnet.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\mscms.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\audiosrv.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\AudioEng.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\wer.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\Query.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\quartz.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\itss.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\dnsapi.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\comsvcs.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\Wldap32.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\msi.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\mmcndmgr.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\inetcomm.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\pla.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\msxml6.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\localspl.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\pdh.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\ole32.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\crypt32.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\wisptis.exe
2018-08-06 21:57:28 ----A---- C:\Windows\system32\WebClnt.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\cdosys.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\adsmsext.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\wmp.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\pcasvc.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\mf.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\wmploc.DLL
2018-08-06 21:57:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-06 21:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\wudriver.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\wfapigp.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\spwmp.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrepl40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrd3x40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrd2x40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjtes40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjint40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjetoledb40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msexcl40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\icfupgd.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wuwebv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wuaueng.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wsmprovhost.exe
2018-08-06 21:57:24 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wshnetbs.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\sspisrv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\secur32.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\nsi.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msxbde40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mswstr10.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mswdat10.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mspbde40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msltus40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msjter40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msjet40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\iernonce.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\pci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\nwifi.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\appidapi.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\zipfldr.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\wuapp.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WsmWmiPl.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WsmAuto.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\wshqos.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\ucrtbase.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\sspicli.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\rstrui.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDistHttpTrans.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDist.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\inseng.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\halacpi.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\hal.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\tdx.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\srv.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\http.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\afd.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\appinfo.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-06 21:57:22 ----A---- C:\Windows\system32\sysmain.dll
2018-08-06 21:57:22 ----A---- C:\Windows\system32\smss.exe
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\rdbss.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\clfs.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\atmfd.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\wuauclt.exe
2018-08-06 21:57:21 ----A---- C:\Windows\system32\wuapi.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\WsmSvc.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\urlmon.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\PeerDistSvc.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\ntdll.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\halmacpi.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\bowser.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\wucltux.dll
2018-08-06 21:57:20 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-08-06 21:57:19 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-06 21:57:19 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\webcheck.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\shdocvw.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\msrating.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\INETRES.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\iesetup.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\cryptui.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\themeui.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-06 21:57:17 ----A---- C:\Windows\system32\mmcbase.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\ieframe.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\wsmplpxy.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\werdiagcontroller.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\srclient.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\plasrv.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\pcawrk.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\netbtugc.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\mssphtb.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\msshooks.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\MigAutoPlay.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\dxmasf.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\comcat.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\wermgr.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\vmictimeprovider.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\srcore.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\sdchange.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\resmon.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\pdhui.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\mssph.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\msrahc.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\msmmsp.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\conhost.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\auditpol.exe
2018-08-06 21:57:14 ----A---- C:\Windows\system32\winsrv.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\streamci.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\racpldlg.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\msinfo32.exe
2018-08-06 21:57:14 ----A---- C:\Windows\system32\itircl.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\IMJP10K.DLL
2018-08-06 21:57:14 ----A---- C:\Windows\system32\hhsetup.dll
2018-08-06 21:57:14 ----A---- C:\Windows\hh.exe
2018-08-06 21:57:13 ----A---- C:\Windows\system32\perfmon.exe
2018-08-06 21:57:13 ----A---- C:\Windows\system32\bcdedit.exe
2018-08-06 21:57:12 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-08-06 21:57:12 ----A---- C:\Windows\system32\vmicsvc.exe
2018-08-06 21:57:11 ----A---- C:\Windows\system32\PrintBrmUi.exe
2018-08-06 21:57:11 ----A---- C:\Windows\system32\occache.dll
2018-08-06 21:57:11 ----A---- C:\Windows\system32\mssvp.dll
2018-08-06 21:57:11 ----A---- C:\Windows\system32\msra.exe
2018-08-06 21:57:10 ----A---- C:\Windows\system32\gpedit.dll
2018-08-06 21:57:10 ----A---- C:\Windows\HelpPane.exe
2018-08-06 21:57:09 ----A---- C:\Windows\system32\wdc.dll
2018-08-06 21:57:09 ----A---- C:\Windows\system32\consent.exe
2018-08-06 21:57:09 ----A---- C:\Windows\system32\authui.dll
2018-08-06 21:57:08 ----A---- C:\Windows\system32\rundll32.exe
2018-08-06 21:57:08 ----A---- C:\Windows\system32\ntprint.exe
2018-08-06 21:57:08 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-08-06 21:57:07 ----A---- C:\Windows\system32\user32.dll
2018-08-06 21:57:07 ----A---- C:\Windows\system32\msctf.dll
2018-08-06 21:57:06 ----A---- C:\Windows\system32\shell32.dll
2018-08-06 21:56:59 ----A---- C:\Windows\system32\input.dll
2018-08-06 21:56:58 ----A---- C:\Windows\system32\scavengeui.dll
2018-08-06 21:56:58 ----A---- C:\Windows\system32\cryptsp.dll
2018-08-06 21:56:57 ----A---- C:\Windows\system32\winload.exe
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-08-06 21:56:54 ----A---- C:\Windows\system32\WsmRes.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\oleres.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\msimsg.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\VIAAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\SISAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\AMDAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-08-06 21:56:54 ----A---- C:\Windows\system32\adtschema.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\vmicres.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\nlsbres.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\msaudite.dll
2018-08-06 21:56:52 ----A---- C:\Windows\system32\msobjs.dll
2018-08-06 21:54:25 ----A---- C:\Windows\system32\sdnclean.exe
2018-08-06 21:54:10 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-08-06 21:51:47 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-08-06 21:51:47 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-08-06 21:51:47 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-08-06 21:51:37 ----A---- C:\Windows\system32\invagent.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\generaltel.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\devinv.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-08-06 21:51:37 ----A---- C:\Windows\system32\centel.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\appraiser.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aitstatic.exe
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aepic.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aeinv.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\acmigration.dll
2018-08-06 21:48:27 ----A---- C:\Windows\system32\mtxoci.dll
2018-08-06 21:48:27 ----A---- C:\Windows\system32\msorcl32.dll
2018-08-06 21:48:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2018-08-06 21:47:50 ----A---- C:\Windows\system32\EncDec.dll
2018-08-06 21:47:50 ----A---- C:\Windows\system32\CPFilters.dll
2018-08-06 21:47:33 ----A---- C:\Windows\system32\mfds.dll
2018-08-06 21:47:10 ----A---- C:\Windows\system32\seclogon.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\tbs.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\fveapibase.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\fveapi.dll
2018-08-06 21:46:58 ----A---- C:\Windows\system32\webio.dll
2018-08-06 21:46:58 ----A---- C:\Windows\system32\d3d10level9.dll
2018-08-06 21:46:56 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2018-08-06 21:46:55 ----A---- C:\Windows\system32\drivers\disk.sys
2018-08-06 21:46:50 ----A---- C:\Windows\system32\winipsec.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\polstore.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\IPSECSVC.DLL
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpsvc.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpscript.exe
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpscript.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpprefcl.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpapi.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2018-08-06 21:46:43 ----A---- C:\Windows\system32\InkEd.dll
2018-08-06 21:46:42 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2018-08-06 21:46:40 ----A---- C:\Windows\explorer.exe
2018-08-06 21:37:20 ----A---- C:\Windows\system32\winhttp.dll
2018-08-06 21:37:19 ----A---- C:\Windows\system32\ws2_32.dll
2018-08-06 21:37:19 ----A---- C:\Windows\system32\mswsock.dll
2018-08-06 21:07:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-08-06 21:07:34 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-08-06 21:07:22 ----A---- C:\Windows\system32\drivers\mbae.sys
2018-08-06 21:07:15 ----D---- C:\ProgramData\Malwarebytes
2018-08-06 21:07:15 ----D---- C:\Program Files\Malwarebytes
2018-07-23 08:56:09 ----D---- C:\Program Files\Common Files\Oracle
2018-07-23 08:55:26 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2018-08-07 18:43:41 ----D---- C:\Windows\Temp
2018-08-07 18:41:35 ----SHD---- C:\Windows\Installer
2018-08-07 18:41:22 ----D---- C:\Windows\System32
2018-08-07 18:41:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-07 18:41:05 ----D---- C:\Windows\inf
2018-08-07 18:40:49 ----D---- C:\Windows\rescache
2018-08-07 18:38:35 ----RD---- C:\Program Files
2018-08-07 18:38:20 ----D---- C:\Windows\Microsoft.NET
2018-08-07 18:38:15 ----RSD---- C:\Windows\assembly
2018-08-07 18:36:03 ----SHD---- C:\System Volume Information
2018-08-07 18:33:13 ----D---- C:\Windows\system32\config
2018-08-07 18:32:00 ----D---- C:\Windows\winsxs
2018-08-07 18:30:21 ----D---- C:\Windows\system32\drivers
2018-08-07 07:54:33 ----D---- C:\Windows\system32\cs-CZ
2018-08-06 23:27:04 ----D---- C:\Windows\system32\catroot2
2018-08-06 22:59:16 ----D---- C:\Windows\Logs
2018-08-06 22:58:01 ----D---- C:\Windows
2018-08-06 22:55:02 ----D---- C:\Windows\system32\en-US
2018-08-06 22:55:02 ----D---- C:\Windows\PolicyDefinitions
2018-08-06 22:55:00 ----D---- C:\Windows\system32\wbem
2018-08-06 22:55:00 ----D---- C:\Windows\system32\drivers\en-US
2018-08-06 22:54:58 ----D---- C:\Windows\ehome
2018-08-06 22:54:56 ----SD---- C:\Windows\system32\CompatTel
2018-08-06 22:54:56 ----RSD---- C:\Windows\Fonts
2018-08-06 22:54:56 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-08-06 22:54:55 ----D---- C:\Windows\system32\appraiser
2018-08-06 22:54:55 ----D---- C:\Windows\AppPatch
2018-08-06 22:54:42 ----D---- C:\Program Files\Internet Explorer
2018-08-06 22:54:42 ----D---- C:\Program Files\DVD Maker
2018-08-06 22:54:41 ----D---- C:\Program Files\Windows Media Player
2018-08-06 22:54:40 ----D---- C:\Windows\system32\Setup
2018-08-06 22:54:40 ----D---- C:\Windows\system32\migration
2018-08-06 22:54:38 ----D---- C:\Windows\system32\migwiz
2018-08-06 22:54:38 ----D---- C:\Windows\system32\Dism
2018-08-06 22:54:17 ----D---- C:\Windows\system32\CodeIntegrity
2018-08-06 22:54:14 ----D---- C:\Windows\system32\Boot
2018-08-06 22:53:59 ----D---- C:\Windows\system32\DriverStore
2018-08-06 22:49:12 ----D---- C:\Windows\system32\drivers\etc
2018-08-06 22:40:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-08-06 22:40:35 ----D---- C:\Windows\system32\MRT
2018-08-06 22:33:15 ----D---- C:\Windows\debug
2018-08-06 22:32:55 ----AC---- C:\Windows\system32\MRT.exe
2018-08-06 22:02:07 ----D---- C:\Program Files\Intel
2018-08-06 21:57:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2018-08-06 21:54:49 ----D---- C:\Windows\system32\Tasks
2018-08-06 21:54:35 ----SD---- C:\ProgramData\Microsoft
2018-08-06 21:34:38 ----D---- C:\Program Files\CCleaner
2018-08-06 21:07:15 ----HD---- C:\ProgramData
2018-08-01 14:26:01 ----D---- C:\ProgramData\CanonIJPLM
2018-07-31 15:53:37 ----D---- C:\Users\Katka\AppData\Roaming\Canon
2018-07-31 10:31:34 ----D---- C:\Windows\Prefetch
2018-07-24 10:30:39 ----D---- C:\Windows\system32\NDF
2018-07-23 08:56:10 ----D---- C:\Program Files\Java
2018-07-23 08:56:09 ----D---- C:\Program Files\Common Files
2018-07-23 08:54:34 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2018-07-17 00:02:15 ----N---- C:\Windows\system32\MpSigStub.exe
2018-07-16 15:11:21 ----D---- C:\ProgramData\Skype
2018-07-16 15:11:20 ----RD---- C:\Program Files\Skype
2018-07-16 15:11:05 ----D---- C:\Users\Katka\AppData\Roaming\Skype
2018-07-11 09:05:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-07-11 09:05:03 ----D---- C:\Windows\system32\Macromed
2018-07-10 08:35:05 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-07-10 08:35:05 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2018-07-30 92600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-07-30 124376]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-07-30 150792]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-07-30 73424]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-07-30 54240]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-07-30 95224]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2018-06-19 129248]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-07-30 43816]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-08-06 165608]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-08-07 95488]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-08-07 42728]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-08-07 220896]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-08-07 73336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys [2007-12-14 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-07-30 1817952]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 4753104]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2018-04-20 3892256]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-04-20 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-02-06 233712]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-07-30 1817952]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 104960]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-07-09 177104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 19:00
od Rudy
OK. Především si změňte heslo. Pak spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 19:24
od greatone
Heslo do emailu už se asi změnit nepodaří. Při založení emailu nezadala žádnou metodu obnovení. Nezadala ani tel. číslo, ani záložní email. Podpora volny by heslo obnovila jen v případě že jím řekneme několik emailů na které bylo zasíláno přes webové rozhraní což se už roky neděje. Nebo jste myslel nějaké jiné heslo ?

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 19:55
od Rudy
Myslel jsem heslo do mailu. Mělo by jít změnit přímo na webu ve schránce (tedy většinou). Bez změny se bude problém opakovat, neboť heslo bylo někde prozrazeno, nebo hacknuto. Teď bych prosil ten ADW log.

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 20:41
od greatone
Email už je tedy ztracen...
Zde je log

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-07-2018
# Duration: 00:00:09
# OS: Windows 7 Professional
# Cleaned: 200
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Guest\AppData\Local\AskToolbar
Deleted C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\Auslogics
Deleted HKU\.DEFAULT\Software\Auslogics
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bettersearch.biz
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bettersearch.biz
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bettersearch.biz
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2200128270-2439998979-2784720313-1000\Software\AVG Security Toolbar
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\AVG Security Toolbar
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\AVG Security Toolbar
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Deleted HKLM\SOFTWARE\RegisteredApplications|jZip
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Deleted HKLM\Software\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}
Deleted HKLM\Software\Classes\CLSID\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}
Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{95289393-33EA-4F8D-B952-483415B9C955}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\oneclicksearches.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\oneclicksearches.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\oneclicksearches.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\lineroyalruby.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gamezroyalruby.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\lineroyalruby.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gamezroyalruby.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\lineroyalruby.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gamezroyalruby.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\livesearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\livesearchnow.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\livesearchnow.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchdialcdn.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchdialcdn.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchdialcdn.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\istarthere.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\istarthere.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\istarthere.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\imesh2008.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\downloadimesh.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\imesh2008.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\downloadimesh.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\imesh2008.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\downloadimesh.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gedichteoma.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gedichteoma.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\gedichteoma.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\eazel.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\eazel.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\eazel.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchspace.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\helpyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchspace.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\helpyoursearch.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchspace.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\helpyoursearch.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicemoviejokes.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nice-movie-jokes.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicemoviejokes.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nice-movie-jokes.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicemoviejokes.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nice-movie-jokes.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\buenosearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\buenosearch.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\buenosearch.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\certified-toolbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\certified-toolbar.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\certified-toolbar.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mp3bearshare.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\free-bearshares.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro2007.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro-download.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharelive.co.uk
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-usa.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-uk.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-music-downloads.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-downloads.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-download.org
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-d0wnload.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mp3bearshare.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\free-bearshares.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro2007.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro-download.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharelive.co.uk
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-usa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-uk.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-music-downloads.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-downloads.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-download.org
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-d0wnload.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mp3bearshare.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\free-bearshares.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro2007.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharepro-download.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearsharelive.co.uk
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-usa.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-uk.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-music-downloads.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-downloads.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-download.org
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bearshare-d0wnload.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adanak.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adanak.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adanak.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mediaactivextask.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mediaactivextask.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mediaactivextask.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\peoplesearchengine.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\peoplesearchengine.info
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\peoplesearchengine.info
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\aartemis.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\aartemis.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\aartemis.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp2007.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-hq.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-download-now.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp2007.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-hq.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-download-now.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp2007.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-hq.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\winamp-download-now.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startsear.ch
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startsear.ch
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startsear.ch
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetim.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetim.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetim.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\favorit-network.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\favorit-network.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\favorit-network.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\180searchassistant.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\180searchassistant.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\180searchassistant.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\directsearchzone.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\directsearchzone.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\directsearchzone.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\photorepositary.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\photorepositary.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\photorepositary.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetpacks.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetpacks.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\sweetpacks.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [28123 octets] - [07/08/2018 21:17:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 20:57
od Rudy
Dejte nový log RSIT.

Re: Outlook odesílá sám emaily

Napsal: 07 srp 2018 21:09
od greatone
Logfile of random's system information tool 1.10 (written by random/random)
Run by Katka at 2018-08-07 22:06:18
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (28%) free of 100 GB
Total RAM: 3293 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:37, on 7.8.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19081)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Security\egui.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files\Canon\Quick Menu\CNQMSWCS.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Katka\Desktop\RSIT.exe
C:\Program Files\trend micro\Katka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Security\ecmds.exe" /launch /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1411
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 7414 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\yrw4ptwp.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "https://www.google.cz/?gws_rd=ssl"
prefs.js - "keyword.URL" - "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.181.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.181.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-07-23 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-23 194424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23 4445272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
""= []
"CanonQuickMenu"=C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [2014-01-17 1284680]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2018-07-30 170128]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2018-07-07 601424]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2018-04-20 6788032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... =10.0.1411 []

C:\Users\Katka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3filter"=ac3filter.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-07 18:38:35 ----D---- C:\Program Files\trend micro
2018-08-07 18:38:34 ----D---- C:\rsit
2018-08-07 18:32:36 ----A---- C:\Windows\system32\poqexec.exe
2018-08-07 07:53:10 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-08-07 07:52:26 ----A---- C:\Windows\system32\wksprt.exe
2018-08-07 07:52:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-08-07 07:52:26 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-08-07 07:52:26 ----A---- C:\Windows\system32\mstscax.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\rdpudd.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-08-07 07:14:47 ----A---- C:\Windows\system32\rdpcorets.dll
2018-08-06 22:47:08 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-08-06 22:47:04 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-08-06 22:29:58 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-08-06 22:29:54 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-08-06 22:29:46 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-08-06 22:29:45 ----A---- C:\Windows\system32\wksprtPS.dll
2018-08-06 22:29:45 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-08-06 22:29:45 ----A---- C:\Windows\system32\mstsc.exe
2018-08-06 22:29:45 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-08-06 22:03:34 ----SHD---- C:\Config.Msi
2018-08-06 22:02:20 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-06 21:57:50 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\vbscript.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\KernelBase.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\hlink.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\gdi32.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\FntCache.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\drivers\luafv.sys
2018-08-06 21:57:50 ----A---- C:\Windows\system32\cdd.dll
2018-08-06 21:57:50 ----A---- C:\Windows\system32\basecsp.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\wlansec.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\wlanapi.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\win32k.sys
2018-08-06 21:57:49 ----A---- C:\Windows\system32\UtcResources.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\usp10.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\scksp.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\rtm.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\jsproxy.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\iprtprio.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\ieUnatt.exe
2018-08-06 21:57:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\fontsub.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-06 21:57:49 ----A---- C:\Windows\system32\DWrite.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\wlanmsm.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\wlanhlp.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\t2embed.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\kernel32.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\jscript.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\iprtrmgr.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\icm32.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\drivers\hidparse.sys
2018-08-06 21:57:48 ----A---- C:\Windows\system32\diagtrack.dll
2018-08-06 21:57:48 ----A---- C:\Windows\system32\atmlib.dll
2018-08-06 21:57:47 ----A---- C:\Windows\system32\wininet.dll
2018-08-06 21:57:47 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-06 21:57:46 ----A---- C:\Windows\system32\ieui.dll
2018-08-06 21:57:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-08-06 21:57:45 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-06 21:57:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-06 21:57:44 ----A---- C:\Windows\system32\iertutil.dll
2018-08-06 21:57:43 ----A---- C:\Windows\system32\jscript9.dll
2018-08-06 21:57:42 ----A---- C:\Windows\system32\wlansvc.dll
2018-08-06 21:57:42 ----A---- C:\Windows\system32\webservices.dll
2018-08-06 21:57:41 ----A---- C:\Windows\system32\mshtml.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\wups.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\winnsi.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\wdigest.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\tzres.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\schannel.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchIndexer.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\pcalua.exe
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msxml6r.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msxml3r.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mstext40.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mssitlb.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\msexch40.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\mferror.dll
2018-08-06 21:57:40 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-08-06 21:57:40 ----A---- C:\Windows\system32\drivers\fastfat.sys
2018-08-06 21:57:40 ----A---- C:\Windows\system32\dciman32.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\msnetobj.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\drmmgrtn.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\drivers\exfat.sys
2018-08-06 21:57:39 ----A---- C:\Windows\system32\cryptbase.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\blackbox.dll
2018-08-06 21:57:39 ----A---- C:\Windows\system32\AUDIOKSE.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wvc.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wups2.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\wpnpinst.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\spoolsv.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\rrinstaller.exe
2018-08-06 21:57:38 ----A---- C:\Windows\system32\pnrpsvc.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mssrch.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mssprxy.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\msscntrs.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\mmcshext.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\inetppui.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\IcCoinstall.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\credssp.dll
2018-08-06 21:57:38 ----A---- C:\Windows\system32\asycfilt.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\wkssvc.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\sscore.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\samlib.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\pcaevts.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\olepro32.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\nsisvc.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\icaapi.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\drmv2clt.dll
2018-08-06 21:57:37 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-08-06 21:57:37 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\traffic.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\rpchttp.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\rdpcore.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\P2P.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\msscp.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\mfps.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\mfpmp.exe
2018-08-06 21:57:36 ----A---- C:\Windows\system32\EncDump.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\ntfs.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-06 21:57:36 ----A---- C:\Windows\system32\ci.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\bcryptprimitives.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\AudioSes.dll
2018-08-06 21:57:36 ----A---- C:\Windows\system32\audiodg.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\win32spl.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\UIAnimation.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\tquery.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\srvsvc.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\scesrv.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\samsrv.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\qdvd.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\ntprint.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msxml3.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msihnd.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\msiexec.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\mmc.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\mfmjpegdec.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\lsass.exe
2018-08-06 21:57:35 ----A---- C:\Windows\system32\lpk.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\kerberos.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\inetpp.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\evr.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\cic.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\catsrvut.dll
2018-08-06 21:57:35 ----A---- C:\Windows\system32\advapi32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wsnmp32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wmdrmsdk.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\wintrust.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\WinSCard.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\TabSvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\rpcss.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\pcadm.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\p2psvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\oleaut32.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\MPSSVC.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\mprdim.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\mfplat.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2018-08-06 21:57:34 ----A---- C:\Windows\system32\drivers\cng.sys
2018-08-06 21:57:34 ----A---- C:\Windows\system32\davclnt.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\cryptsvc.dll
2018-08-06 21:57:34 ----A---- C:\Windows\system32\cryptnet.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\mscms.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\audiosrv.dll
2018-08-06 21:57:33 ----A---- C:\Windows\system32\AudioEng.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\wer.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\Query.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\quartz.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\itss.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\dnsapi.dll
2018-08-06 21:57:32 ----A---- C:\Windows\system32\comsvcs.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\Wldap32.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\msi.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\mmcndmgr.dll
2018-08-06 21:57:31 ----A---- C:\Windows\system32\inetcomm.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\pla.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\msxml6.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-06 21:57:30 ----A---- C:\Windows\system32\localspl.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\pdh.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\ole32.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-08-06 21:57:29 ----A---- C:\Windows\system32\crypt32.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\wisptis.exe
2018-08-06 21:57:28 ----A---- C:\Windows\system32\WebClnt.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\cdosys.dll
2018-08-06 21:57:28 ----A---- C:\Windows\system32\adsmsext.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\wmp.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\pcasvc.dll
2018-08-06 21:57:27 ----A---- C:\Windows\system32\mf.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\wmploc.DLL
2018-08-06 21:57:26 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-06 21:57:26 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-08-06 21:57:26 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\wudriver.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\wfapigp.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\WcsPlugInService.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\spwmp.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrepl40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrd3x40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msrd2x40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjtes40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjint40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msjetoledb40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\msexcl40.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\icfupgd.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\srvnet.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\drivers\hidusb.sys
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-08-06 21:57:25 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wuwebv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wuaueng.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wsmprovhost.exe
2018-08-06 21:57:24 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\wshnetbs.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\sspisrv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\secur32.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\nsi.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msxbde40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mswstr10.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mswdat10.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\mspbde40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msltus40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msjter40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\msjet40.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\iernonce.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\srv2.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\pci.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\nwifi.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\nsiproxy.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\netbt.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\netbios.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\hidclass.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-08-06 21:57:24 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\appidapi.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-08-06 21:57:24 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\zipfldr.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\wuapp.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WsmWmiPl.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WsmAuto.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\wshqos.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\ucrtbase.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\sspicli.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\rstrui.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDistWSDDiscoProv.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDistHttpTrans.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\PeerDist.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\inseng.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-06 21:57:23 ----A---- C:\Windows\system32\halacpi.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\hal.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\tdx.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\srv.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\pacer.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\http.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\drivers\afd.sys
2018-08-06 21:57:23 ----A---- C:\Windows\system32\appinfo.dll
2018-08-06 21:57:23 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-06 21:57:22 ----A---- C:\Windows\system32\sysmain.dll
2018-08-06 21:57:22 ----A---- C:\Windows\system32\smss.exe
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\rdbss.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\clfs.sys
2018-08-06 21:57:22 ----A---- C:\Windows\system32\atmfd.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\wuauclt.exe
2018-08-06 21:57:21 ----A---- C:\Windows\system32\wuapi.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\WsmSvc.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\urlmon.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\PeerDistSvc.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\ntdll.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\halmacpi.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\drivers\bowser.sys
2018-08-06 21:57:21 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\xpsrchvw.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\wucltux.dll
2018-08-06 21:57:20 ----A---- C:\Windows\system32\ntkrnlpa.exe
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2018-08-06 21:57:20 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-08-06 21:57:19 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-06 21:57:19 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\webcheck.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\shdocvw.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\msrating.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\INETRES.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\iesetup.dll
2018-08-06 21:57:18 ----A---- C:\Windows\system32\cryptui.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\themeui.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-06 21:57:17 ----A---- C:\Windows\system32\mmcbase.dll
2018-08-06 21:57:17 ----A---- C:\Windows\system32\ieframe.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\wsmplpxy.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\werdiagcontroller.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\srclient.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\plasrv.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\pcawrk.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\netbtugc.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\mssphtb.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\msshooks.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\MigAutoPlay.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\dxmasf.dll
2018-08-06 21:57:16 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-08-06 21:57:16 ----A---- C:\Windows\system32\comcat.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\wermgr.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\vmictimeprovider.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\srcore.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\sdchange.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\resmon.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\pdhui.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\mssph.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\msrahc.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\msmmsp.dll
2018-08-06 21:57:15 ----A---- C:\Windows\system32\conhost.exe
2018-08-06 21:57:15 ----A---- C:\Windows\system32\auditpol.exe
2018-08-06 21:57:14 ----A---- C:\Windows\system32\winsrv.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\streamci.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\racpldlg.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\msinfo32.exe
2018-08-06 21:57:14 ----A---- C:\Windows\system32\itircl.dll
2018-08-06 21:57:14 ----A---- C:\Windows\system32\IMJP10K.DLL
2018-08-06 21:57:14 ----A---- C:\Windows\system32\hhsetup.dll
2018-08-06 21:57:14 ----A---- C:\Windows\hh.exe
2018-08-06 21:57:13 ----A---- C:\Windows\system32\perfmon.exe
2018-08-06 21:57:13 ----A---- C:\Windows\system32\bcdedit.exe
2018-08-06 21:57:12 ----A---- C:\Windows\system32\WinSetupUI.dll
2018-08-06 21:57:12 ----A---- C:\Windows\system32\vmicsvc.exe
2018-08-06 21:57:11 ----A---- C:\Windows\system32\PrintBrmUi.exe
2018-08-06 21:57:11 ----A---- C:\Windows\system32\occache.dll
2018-08-06 21:57:11 ----A---- C:\Windows\system32\mssvp.dll
2018-08-06 21:57:11 ----A---- C:\Windows\system32\msra.exe
2018-08-06 21:57:10 ----A---- C:\Windows\system32\gpedit.dll
2018-08-06 21:57:10 ----A---- C:\Windows\HelpPane.exe
2018-08-06 21:57:09 ----A---- C:\Windows\system32\wdc.dll
2018-08-06 21:57:09 ----A---- C:\Windows\system32\consent.exe
2018-08-06 21:57:09 ----A---- C:\Windows\system32\authui.dll
2018-08-06 21:57:08 ----A---- C:\Windows\system32\rundll32.exe
2018-08-06 21:57:08 ----A---- C:\Windows\system32\ntprint.exe
2018-08-06 21:57:08 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-08-06 21:57:07 ----A---- C:\Windows\system32\user32.dll
2018-08-06 21:57:07 ----A---- C:\Windows\system32\msctf.dll
2018-08-06 21:57:06 ----A---- C:\Windows\system32\shell32.dll
2018-08-06 21:56:59 ----A---- C:\Windows\system32\input.dll
2018-08-06 21:56:58 ----A---- C:\Windows\system32\scavengeui.dll
2018-08-06 21:56:58 ----A---- C:\Windows\system32\cryptsp.dll
2018-08-06 21:56:57 ----A---- C:\Windows\system32\winload.exe
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-08-06 21:56:56 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-08-06 21:56:54 ----A---- C:\Windows\system32\WsmRes.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\oleres.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\msimsg.dll
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\VIAAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\SISAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\AMDAGP.SYS
2018-08-06 21:56:54 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-08-06 21:56:54 ----A---- C:\Windows\system32\adtschema.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\vmicres.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\nlsbres.dll
2018-08-06 21:56:53 ----A---- C:\Windows\system32\msaudite.dll
2018-08-06 21:56:52 ----A---- C:\Windows\system32\msobjs.dll
2018-08-06 21:54:25 ----A---- C:\Windows\system32\sdnclean.exe
2018-08-06 21:54:10 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2018-08-06 21:51:47 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-08-06 21:51:47 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-08-06 21:51:47 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-08-06 21:51:37 ----A---- C:\Windows\system32\invagent.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\generaltel.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\devinv.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-08-06 21:51:37 ----A---- C:\Windows\system32\centel.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\appraiser.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aitstatic.exe
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aepic.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\aeinv.dll
2018-08-06 21:51:37 ----A---- C:\Windows\system32\acmigration.dll
2018-08-06 21:48:27 ----A---- C:\Windows\system32\mtxoci.dll
2018-08-06 21:48:27 ----A---- C:\Windows\system32\msorcl32.dll
2018-08-06 21:48:19 ----A---- C:\Windows\system32\WindowsCodecs.dll
2018-08-06 21:47:50 ----A---- C:\Windows\system32\EncDec.dll
2018-08-06 21:47:50 ----A---- C:\Windows\system32\CPFilters.dll
2018-08-06 21:47:33 ----A---- C:\Windows\system32\mfds.dll
2018-08-06 21:47:10 ----A---- C:\Windows\system32\seclogon.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\tbs.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\fveapibase.dll
2018-08-06 21:47:08 ----A---- C:\Windows\system32\fveapi.dll
2018-08-06 21:46:58 ----A---- C:\Windows\system32\webio.dll
2018-08-06 21:46:58 ----A---- C:\Windows\system32\d3d10level9.dll
2018-08-06 21:46:56 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2018-08-06 21:46:55 ----A---- C:\Windows\system32\drivers\disk.sys
2018-08-06 21:46:50 ----A---- C:\Windows\system32\winipsec.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\polstore.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\IPSECSVC.DLL
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpsvc.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpscript.exe
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpscript.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpprefcl.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\gpapi.dll
2018-08-06 21:46:50 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2018-08-06 21:46:43 ----A---- C:\Windows\system32\InkEd.dll
2018-08-06 21:46:42 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2018-08-06 21:46:40 ----A---- C:\Windows\explorer.exe
2018-08-06 21:37:20 ----A---- C:\Windows\system32\winhttp.dll
2018-08-06 21:37:19 ----A---- C:\Windows\system32\ws2_32.dll
2018-08-06 21:37:19 ----A---- C:\Windows\system32\mswsock.dll
2018-08-06 21:07:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\mwac.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2018-08-06 21:07:42 ----A---- C:\Windows\system32\drivers\farflt.sys
2018-08-06 21:07:34 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-08-06 21:07:22 ----A---- C:\Windows\system32\drivers\mbae.sys
2018-08-06 21:07:15 ----D---- C:\ProgramData\Malwarebytes
2018-08-06 21:07:15 ----D---- C:\Program Files\Malwarebytes
2018-07-23 08:56:09 ----D---- C:\Program Files\Common Files\Oracle
2018-07-23 08:55:26 ----D---- C:\Program Files\Common Files\Java

======List of files/folders modified in the last 1 month======

2018-08-07 22:06:27 ----D---- C:\Windows\Temp
2018-08-07 21:43:19 ----D---- C:\Windows\system32\config
2018-08-07 21:27:45 ----D---- C:\Windows\system32\Tasks
2018-08-07 21:27:22 ----D---- C:\Windows\system32\drivers
2018-08-07 21:17:57 ----D---- C:\AdwCleaner
2018-08-07 21:12:18 ----SHD---- C:\Windows\Installer
2018-08-07 20:18:11 ----D---- C:\Windows\system32\wdi
2018-08-07 19:21:54 ----D---- C:\Windows\Microsoft.NET
2018-08-07 19:03:19 ----SHD---- C:\System Volume Information
2018-08-07 18:57:40 ----RSD---- C:\Windows\assembly
2018-08-07 18:47:04 ----D---- C:\Windows\rescache
2018-08-07 18:41:22 ----D---- C:\Windows\System32
2018-08-07 18:41:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-07 18:41:05 ----D---- C:\Windows\inf
2018-08-07 18:38:35 ----RD---- C:\Program Files
2018-08-07 18:32:00 ----D---- C:\Windows\winsxs
2018-08-07 07:54:33 ----D---- C:\Windows\system32\cs-CZ
2018-08-06 23:27:04 ----D---- C:\Windows\system32\catroot2
2018-08-06 22:59:16 ----D---- C:\Windows\Logs
2018-08-06 22:58:01 ----D---- C:\Windows
2018-08-06 22:55:02 ----D---- C:\Windows\system32\en-US
2018-08-06 22:55:02 ----D---- C:\Windows\PolicyDefinitions
2018-08-06 22:55:00 ----D---- C:\Windows\system32\wbem
2018-08-06 22:55:00 ----D---- C:\Windows\system32\drivers\en-US
2018-08-06 22:54:58 ----D---- C:\Windows\ehome
2018-08-06 22:54:56 ----SD---- C:\Windows\system32\CompatTel
2018-08-06 22:54:56 ----RSD---- C:\Windows\Fonts
2018-08-06 22:54:56 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-08-06 22:54:55 ----D---- C:\Windows\system32\appraiser
2018-08-06 22:54:55 ----D---- C:\Windows\AppPatch
2018-08-06 22:54:42 ----D---- C:\Program Files\Internet Explorer
2018-08-06 22:54:42 ----D---- C:\Program Files\DVD Maker
2018-08-06 22:54:41 ----D---- C:\Program Files\Windows Media Player
2018-08-06 22:54:40 ----D---- C:\Windows\system32\Setup
2018-08-06 22:54:40 ----D---- C:\Windows\system32\migration
2018-08-06 22:54:38 ----D---- C:\Windows\system32\migwiz
2018-08-06 22:54:38 ----D---- C:\Windows\system32\Dism
2018-08-06 22:54:17 ----D---- C:\Windows\system32\CodeIntegrity
2018-08-06 22:54:14 ----D---- C:\Windows\system32\Boot
2018-08-06 22:53:59 ----D---- C:\Windows\system32\DriverStore
2018-08-06 22:49:12 ----D---- C:\Windows\system32\drivers\etc
2018-08-06 22:40:39 ----D---- C:\ProgramData\Spybot - Search & Destroy
2018-08-06 22:40:35 ----D---- C:\Windows\system32\MRT
2018-08-06 22:33:15 ----D---- C:\Windows\debug
2018-08-06 22:32:55 ----AC---- C:\Windows\system32\MRT.exe
2018-08-06 22:02:07 ----D---- C:\Program Files\Intel
2018-08-06 21:57:58 ----D---- C:\Program Files\Spybot - Search & Destroy
2018-08-06 21:54:35 ----SD---- C:\ProgramData\Microsoft
2018-08-06 21:34:38 ----D---- C:\Program Files\CCleaner
2018-08-06 21:07:15 ----HD---- C:\ProgramData
2018-08-01 14:26:01 ----D---- C:\ProgramData\CanonIJPLM
2018-07-31 15:53:37 ----D---- C:\Users\Katka\AppData\Roaming\Canon
2018-07-31 10:31:34 ----D---- C:\Windows\Prefetch
2018-07-24 10:30:39 ----D---- C:\Windows\system32\NDF
2018-07-23 08:56:10 ----D---- C:\Program Files\Java
2018-07-23 08:56:09 ----D---- C:\Program Files\Common Files
2018-07-23 08:54:34 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2018-07-17 00:02:15 ----N---- C:\Windows\system32\MpSigStub.exe
2018-07-16 15:11:21 ----D---- C:\ProgramData\Skype
2018-07-16 15:11:20 ----RD---- C:\Program Files\Skype
2018-07-16 15:11:05 ----D---- C:\Users\Katka\AppData\Roaming\Skype
2018-07-11 09:05:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2018-07-11 09:05:03 ----D---- C:\Windows\system32\Macromed
2018-07-10 08:35:05 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-07-10 08:35:05 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2018-07-30 92600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2018-07-30 124376]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2018-07-30 150792]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-07-30 73424]
R1 EpfwLWF;ESET Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-07-30 54240]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2018-07-30 95224]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2018-06-19 129248]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-07-30 43816]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-08-06 165608]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-08-07 95488]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-08-07 42728]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-08-07 220896]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-08-07 73336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2018-02-10 52928]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys [2007-12-14 9216]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2018-02-10 51904]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2018-02-10 52928]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-03-21 83984]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-07-30 1817952]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 4753104]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2018-04-20 3892256]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-04-20 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-02-06 233712]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2018-07-30 1817952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11 335872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-06-16 104960]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-07-09 177104]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2018-03-26 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Re: Outlook odesílá sám emaily

Napsal: 08 srp 2018 09:21
od Rudy
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
:files
C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Re: Outlook odesílá sám emaily

Napsal: 08 srp 2018 21:08
od greatone
Proběhlo to až na podruhé bez problémů. Poprvé to zatuhlo těsně před koncem. Napodruhé už OK

processes killed
========== FILES ==========
File/Folder C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll not found.
File/Folder C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} not found.
File/Folder C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Katka
->Temp folder emptied: 1432 bytes
->Temporary Internet Files folder emptied: 129 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13232104 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30464 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 8293536 bytes

Total Files Cleaned = 21,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Katka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 08082018_220340

Files moved on Reboot...
File move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Outlook odesílá sám emaily

Napsal: 09 srp 2018 08:21
od Rudy
OK. Nastala nějaká změna?

Re: Outlook odesílá sám emaily

Napsal: 09 srp 2018 21:15
od greatone
Myslím si že ano. Ještě bych se Vás chtěl zeptat zda používáte program wireshark ? Zkoušel jsem jej, ale jako laik tam toho moc nepoznám... Má to vůbec cenu se v tom šťourat ?

Díky za Vaši velkou pomoc

Re: Outlook odesílá sám emaily

Napsal: 10 srp 2018 09:21
od Rudy
Program wireshark nepoužívám, nemám důvod. Takže nic bližšího vám k němu neřeknu. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz