Please check my log

Post by ADA64 » 24 May 2017 12:51

Greetings, moderators,
after almost a year I am turning to you again with a request for help. I suspect some hidden bastard, because according to Task Manager the WmiPrvSE.exe application is using more than 30% of my CPU and a routine antivirus scan with NOD finds nothing, so I would like to ask you to check my log.
Thank you

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:27, on 24.5.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)

FIREFOX: 48.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\JAG\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Users\JAG\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [PLTHub.exe] C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe -min
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\JAG\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\JAG\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{bf756b82-3253-49c7-b0cf-ffdbdef14241}: NameServer = 10.0.0.10
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSAllMyTubechrome - (no CLSID) - (no file)
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Active Protection (TM) Service (AcronisActiveProtectionService) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connect2 Hotspot Service (connect2hotspot) - Lenovo - C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @oem189.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem181.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo Instant On - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: @oem189.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\WINDOWS\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: Server záloh mobilního zařízení Acronis (mobile_backup_server) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
O23 - Service: Stav serveru záloh mobilního zařízení Acronis (mobile_backup_status_server) - Unknown owner - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool11 (NitroDriverReadSpool11) - Nitro Software, Inc. - C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Plantronics Update Service (PlantronicsUpdateService) - Plantronics, Inc. - C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Smart Sense Service (SSSvc) - Lenovo - C:\Program Files (x86)\SmartSense\SSSvc.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @oem7.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem7.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 20946 bytes

Re: Please check my log

Post by jaro3 » 24 May 2017 20:00

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.
- If you only use Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
After that the PC should restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan click "Logfile"; the "Log Manager" window appears, then double-click the corresponding log, which will open (it is otherwise saved on the system disk as C:\AdwCleaner [C?].txt). Paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, uncheck "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- If the program is not up to date, click "Update Now" or "Fix Now".
- an update will be found and installed.
- then click Scan Now
- after the program finishes, a message appears at the bottom right; click Save Results, choose Copy to Clipboard and paste the whole log here. Or click "Text file (.txt)" and save the log.
- otherwise the log is located here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- then click the Finish button and close the program with the X at the top right.
(do not delete anything yet!).
If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.

Re: Please check my log

Post by ADA64 » 25 May 2017 19:53

ATF Cleaner: done

TFC: done

AdwCleaner:

# AdwCleaner v6.047 - Log vytvořen 25/05/2017 v 17:10:58
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-23.1 [Server]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : JAG - JAG-PC
# Spuštěno z : C:\Users\JAG\Desktop\AdwCleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Služba nalezena: SSSvc


***** [ Složky ] *****

Složka nalezena: C:\Users\JAG\AppData\Local\Host App Service
Složka nalezena: C:\WINDOWS\SysNative\Tasks\WiseCleaner
Složka nalezena: C:\Users\JAG\AppData\Local\Host App Service
Složka nalezena: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\anttoolbar@ant.com


***** [ Soubory ] *****

Soubor nalezen: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.xpi
Soubor nalezen: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\invalidprefs.js
Soubor nalezen: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\searchplugins\crawlersrch.xml
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_st.chatango.com_0.localstorage
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.akcniceny.cz_0.localstorage
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.akcniceny.cz_0.localstorage-journal
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.slunecnice.cz_0.localstorage
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.slunecnice.cz_0.localstorage-journal
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_yourtemplatefinder.dl.tb.ask.com_0.localstorage
Soubor nalezen: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_yourtemplatefinder.dl.tb.ask.com_0.localstorage-journal


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Naplánovaná úloha nalezena: App Explorer
Naplánovaná úloha nalezena: WiseCleaner


***** [ Registry ] *****

Klíč nalezen: HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Host App Service
Klíč nalezen: HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: HKCU\Software\Host App Service
Klíč nalezen: HKLM\SOFTWARE\WISECLEANER
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Klíč nalezen: [x64] HKCU\Software\Host App Service
Klíč nalezen: [x64] HKLM\SOFTWARE\WISECLEANER
Klíč nalezen: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Internetové prohlížeče ] *****

Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933..clientLogIsEnabled" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933..clientLogServiceUrl" - "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933..uninstallLogServiceUrl" - "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallati
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.AboutPrivacyUrl" - "hxxp://www.conduit.com/privacy/Default.aspx"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.CTID" - "CT1060933"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.CommunitiesChangesLastCheckTime" - "Mon Jan 31 2011 17:55:40 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.CommunityChanged" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.CurrentServerDate" - "31-1-2011"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.DialogsAlignMode" - "LTR"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.DownloadDomainsCheckInterval" - "168"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.DownloadDomainsListLastCheckTime" - "Mon Jan 31 2011 12:30:17 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.DownloadDomainsListLastServerUpdateTime" - "1201073583"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.DownloadReferralCookieData" - ""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.FirstServerDate" - "17-1-2011"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.FirstTime" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.FirstTimeFF3" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.FixPageNotFoundErrors" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.GroupingServerCheckInterval" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.GroupingServiceUrl" - "hxxp://grouping.services.conduit.com/"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.HasUserGlobalKeys" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.Initialize" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.InitializeCommonPrefs" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.InstallationAndCookieDataSentCount" - 3
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.InstalledDate" - "Mon Jan 17 2011 12:13:13 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.InvalidateCache" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.IsGrouping" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.IsMulticommunity" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.IsOpenThankYouPage" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.IsOpenUninstallPage" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LanguagePackLastCheckTime" - "Sun Jan 30 2011 21:48:19 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LanguagePackReloadIntervalMM" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LanguagePackServiceUrl" - "hxxp://translation.users.conduit.com/Translation.ashx"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LastLogin_3.2.1.3" - "Tue Jan 18 2011 09:07:44 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LastLogin_3.2.5.2" - "Mon Jan 31 2011 14:37:41 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.LatestVersion" - "3.2.5.2"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.Locale" - "en-us"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.MCDetectTooltipHeight" - "83"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.MCDetectTooltipUrl" - "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.MCDetectTooltipWidth" - "295"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioIsPodcast" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioLastUpdateIPServer" - "0"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioLastUpdateServer" - "129326918102570000"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioMediaID" - "21504191"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioMediaType" - "Media Player"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioMenuSelectedID" - "EBRadioMenu_CT106093321504191"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioStationName" - "KFOG"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.RadioStationURL" - "hxxp://live.cumulusstreaming.com/KFOG-FM"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SHRINK_TOOLBAR" - 1
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SavedHomepage" - "hxxp://www.seznam.cz/"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchFromAddressBarIsInit" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchInNewTabEnabled" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchInNewTabIntervalMM" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchInNewTabLastCheckTime" - "Sun Jan 30 2011 21:48:17 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchInNewTabServiceUrl" - "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SearchInNewTabUsageUrl" - "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ServiceMapLastCheckTime" - "Sun Jan 30 2011 21:48:16 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SettingsLastCheckTime" - "Mon Jan 31 2011 17:12:54 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.SettingsLastUpdate" - "1295944225"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ThirdPartyComponentsInterval" - 504
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ThirdPartyComponentsLastCheck" - "Mon Jan 17 2011 12:13:11 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ThirdPartyComponentsLastUpdate" - "1246790578"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.TrusteLinkUrl" - "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.UserID" - "UN43162849919320820"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ValidationData_Search" - 1
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.ValidationData_Toolbar" - 2
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.alertChannelId" - "15651"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.myStuffEnabled" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.myStuffPublihserMinWidth" - 400
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.myStuffSearchUrl" - "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_I
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.myStuffServiceIntervalMM" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.myStuffServiceUrl" - "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INS
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.testingCtid" - ""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.toolbarAppMetaDataLastCheckTime" - "Sun Jan 30 2011 21:48:20 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.toolbarContextMenuLastCheckTime" - "Mon Jan 17 2011 12:13:13 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CT1060933.usagesFlag" - 2
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/CZ" - "\"0\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ" - "\"0\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1060933" - "\"0\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "L+tncv4eqt6
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "0uSPYx+Kl2jp
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "QmycQXJXVyF
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "SuMy8xgBA7+Fod
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg" - "\"01ffa8b1cc6cb1:0\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.3.2" - "\"0652eeacc6cb1:0\"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/" - "\"634289840782570000\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0" - "634303635100000000"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =1/11/2011 5:25:10 PM" - "63430363
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1060933" - "\"1295944225\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r_dead.gif" - "\"0678fe47
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nimize.gif" - "\"046c7ab477ac91
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r/play.gif" - "\"0484de117c4c91:0\"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r/stop.gif" - "\"0e7a152347ac91:0\"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/vol.gif" - "\"087c778347ac91:0\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... cale=en-us" - "\"634310612473900000\""
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.EngineOwner" - "CT1060933"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.EngineOwnerGuid" - "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.EngineOwnerToolbarId" - "freecorder"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.IsEngineShown" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.IsMyStuffImportedToEngine" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.OriginalEngineOwner" - "CT1060933"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.OriginalEngineOwnerGuid" - "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.OriginalEngineOwnerToolbarId" - "freecorder"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.SearchFromAddressBarSavedUrl" - "hxxp://search.yahoo.com/search?fr=mcafee&p="
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ToolbarsList" - "CT1060933,ConduitEngine"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.ToolbarsList2" - "CT1060933"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.alertDialogsGetterLastCheckTime" - "Fri Mar 25 2011 12:21:13 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.alertInfoInterval" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.alertInfoLastCheckTime" - "Fri Apr 15 2011 12:51:57 GMT+0200"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.clientsServerUrl" - "hxxp://alert.client.conduit.com"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.locale" - "en"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.loginIntervalMin" - 1440
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.loginLastCheckTime" - "Fri Apr 15 2011 12:51:32 GMT+0200"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.loginLastUpdateTime" - "1291048634"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.messageShowTimeSec" - 20
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.servicesServerUrl" - "hxxp://alert.services.conduit.com"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.showTrayIcon" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.userCloseIntervalMin" - 300
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.alert.userId" - "3aa49bdf-9fc3-4461-92fb-5b83b2254353"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.isAlertUrlAddedToFeedItemTable" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.isClickActionAddedToFeedItemTable" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "CommunityToolbar.keywordURLSelectedCTID" - "CT1060933"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.DialogsGetterLastCheckTime" - "Fri Mar 25 2011 12:21:12 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.FirstServerDate" - "01/17/2011 14"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.FirstTime" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.FirstTimeFF3" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.HasUserGlobalKeys" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.Initialize" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.InitializeCommonPrefs" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.InstalledDate" - "Mon Jan 17 2011 12:13:14 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.IsMulticommunity" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.IsOpenThankYouPage" - false
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.IsOpenUninstallPage" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.LanguagePackLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.LastLogin_3.2.1.3" - "Tue Jan 18 2011 09:07:46 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.LastLogin_3.2.5.2" - "Mon Jan 31 2011 17:32:04 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.PublisherContainerWidth" - 0
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.SearchFromAddressBarIsInit" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.SettingsLastCheckTime" - "Mon Jan 31 2011 17:32:04 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.UserID" - "UN08455099039898106"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.engineLocale" - "cs"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.enngineContextMenuLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.globalFirstTimeInfoLastCheckTime" - "Fri Mar 25 2011 12:21:11 GMT+0100"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.initDone" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "ConduitEngine.isAppTrackingManagerOn" - true
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "browser.search.defaultthis.engineName" - "Freecorder Customized Web Search"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "browser.search.param.yahoo-fr" - "chr-greentree_ff&type=685749"
Firefox nastavení nalezeno: [C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js] - "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2,firegestures@xuldev.org:1.6.1,quickdrag@mozill
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web data] - readiris-pro.en.softonic.com
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - slunecnice.cz
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - sothink_free_video_converter.en.softonic.com
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - crawler.com
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - clipboard-recorder.en.softonic.com
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - search.conduit.com
Chromium nastavení nalezeno: [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] - search.sweetim.com

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]


*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [31019 Bajty] - [25/05/2017 17:10:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [31093 Bajty] ##########


Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.05.17
Čas skenování: 19:38
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.122
Aktualizovat verzi balíku komponent: 1.0.2020
Licence: Zkušební

-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: JAG-PC\JAG

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 452442
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 min, 24 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Just for info:
for this last program, a different version now seems to be the one available for download; the installer offers no choice, and the result is only the trial version.

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 25 May 2017 21:34

OK.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and once the scan has finished click "Clean".

The program will perform the repair; after the automatic restart, click "Log Manager", then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.

Sophos Virus Removal Tool is a practical software tool that could remove infections that an antivirus program does not detect.
Download it here from one of these links:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you may not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which will identify and clean up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.


Download RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then in the window click "Open TXT" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and post it across several posts.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

ADA64
newcomer
Posts: 33
Registered: June 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by ADA64 » 26 May 2017 18:08

Here are the results:
1)
# AdwCleaner v6.047 - Log vytvořen 25/05/2017 v 22:44:31
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-25.1 [Místní]
# Operační systém : Windows 10 Pro (X64)
# Uživatelské jméno : JAG - JAG-PC
# Spuštěno z : C:\Users\JAG\Desktop\AdwCleaner.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: SSSvc


***** [ Složky ] *****

[-] Složka smazána: C:\Users\JAG\AppData\Local\Host App Service
[-] Složka smazána: C:\WINDOWS\SysNative\Tasks\WiseCleaner
[#] Složka smazána po restartu: C:\Users\JAG\AppData\Local\Host App Service
[-] Složka smazána: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\anttoolbar@ant.com


***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.xpi
[-] Soubor smazán: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\invalidprefs.js
[-] Soubor smazán: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\searchplugins\crawlersrch.xml
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.akcniceny.cz_0.localstorage
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.akcniceny.cz_0.localstorage-journal
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.slunecnice.cz_0.localstorage
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_www.slunecnice.cz_0.localstorage-journal
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_yourtemplatefinder.dl.tb.ask.com_0.localstorage
[-] Soubor smazán: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\hxxp_yourtemplatefinder.dl.tb.ask.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: App Explorer
[-] Úloha smazána: WiseCleaner


***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Host App Service
[-] Klíč smazán: HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartu: HKCU\Software\Host App Service
[-] Klíč smazán: HKLM\SOFTWARE\WISECLEANER
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
[#] Klíč smazán po restartu: [x64] HKCU\Software\Host App Service
[-] Klíč smazán: [x64] HKLM\SOFTWARE\WISECLEANER
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service


***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "CT1060933..clientLogIsEnabled" - false
[-] Firefox předvolby vyčištěny: "CT1060933..clientLogServiceUrl" - "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"
[-] Firefox předvolby vyčištěny: "CT1060933..uninstallLogServiceUrl" - "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"
[-] Firefox předvolby vyčištěny: "CT1060933.AboutPrivacyUrl" - "hxxp://www.conduit.com/privacy/Default.aspx"
[-] Firefox předvolby vyčištěny: "CT1060933.CTID" - "CT1060933"
[-] Firefox předvolby vyčištěny: "CT1060933.CommunitiesChangesLastCheckTime" - "Mon Jan 31 2011 17:55:40 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.CommunityChanged" - true
[-] Firefox předvolby vyčištěny: "CT1060933.CurrentServerDate" - "31-1-2011"
[-] Firefox předvolby vyčištěny: "CT1060933.DialogsAlignMode" - "LTR"
[-] Firefox předvolby vyčištěny: "CT1060933.DownloadDomainsCheckInterval" - "168"
[-] Firefox předvolby vyčištěny: "CT1060933.DownloadDomainsListLastCheckTime" - "Mon Jan 31 2011 12:30:17 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.DownloadDomainsListLastServerUpdateTime" - "1201073583"
[-] Firefox předvolby vyčištěny: "CT1060933.DownloadReferralCookieData" - ""
[-] Firefox předvolby vyčištěny: "CT1060933.FirstServerDate" - "17-1-2011"
[-] Firefox předvolby vyčištěny: "CT1060933.FirstTime" - true
[-] Firefox předvolby vyčištěny: "CT1060933.FirstTimeFF3" - true
[-] Firefox předvolby vyčištěny: "CT1060933.FixPageNotFoundErrors" - true
[-] Firefox předvolby vyčištěny: "CT1060933.GroupingServerCheckInterval" - 1440
[-] Firefox předvolby vyčištěny: "CT1060933.GroupingServiceUrl" - "hxxp://grouping.services.conduit.com/"
[-] Firefox předvolby vyčištěny: "CT1060933.HasUserGlobalKeys" - true
[-] Firefox předvolby vyčištěny: "CT1060933.Initialize" - true
[-] Firefox předvolby vyčištěny: "CT1060933.InitializeCommonPrefs" - true
[-] Firefox předvolby vyčištěny: "CT1060933.InstallationAndCookieDataSentCount" - 3
[-] Firefox předvolby vyčištěny: "CT1060933.InstalledDate" - "Mon Jan 17 2011 12:13:13 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.InvalidateCache" - false
[-] Firefox předvolby vyčištěny: "CT1060933.IsGrouping" - false
[-] Firefox předvolby vyčištěny: "CT1060933.IsMulticommunity" - true
[-] Firefox předvolby vyčištěny: "CT1060933.IsOpenThankYouPage" - true
[-] Firefox předvolby vyčištěny: "CT1060933.IsOpenUninstallPage" - true
[-] Firefox předvolby vyčištěny: "CT1060933.LanguagePackLastCheckTime" - "Sun Jan 30 2011 21:48:19 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.LanguagePackReloadIntervalMM" - 1440
[-] Firefox předvolby vyčištěny: "CT1060933.LanguagePackServiceUrl" - "hxxp://translation.users.conduit.com/Translation.ashx"
[-] Firefox předvolby vyčištěny: "CT1060933.LastLogin_3.2.1.3" - "Tue Jan 18 2011 09:07:44 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.LastLogin_3.2.5.2" - "Mon Jan 31 2011 14:37:41 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.LatestVersion" - "3.2.5.2"
[-] Firefox předvolby vyčištěny: "CT1060933.Locale" - "en-us"
[-] Firefox předvolby vyčištěny: "CT1060933.MCDetectTooltipHeight" - "83"
[-] Firefox předvolby vyčištěny: "CT1060933.MCDetectTooltipUrl" - "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"
[-] Firefox předvolby vyčištěny: "CT1060933.MCDetectTooltipWidth" - "295"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioIsPodcast" - false
[-] Firefox předvolby vyčištěny: "CT1060933.RadioLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioLastUpdateIPServer" - "0"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioLastUpdateServer" - "129326918102570000"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioMediaID" - "21504191"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioMediaType" - "Media Player"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioMenuSelectedID" - "EBRadioMenu_CT106093321504191"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioStationName" - "KFOG"
[-] Firefox předvolby vyčištěny: "CT1060933.RadioStationURL" - "hxxp://live.cumulusstreaming.com/KFOG-FM"
[-] Firefox předvolby vyčištěny: "CT1060933.SHRINK_TOOLBAR" - 1
[-] Firefox předvolby vyčištěny: "CT1060933.SavedHomepage" - "hxxp://www.seznam.cz/"
[-] Firefox předvolby vyčištěny: "CT1060933.SearchFromAddressBarIsInit" - true
[-] Firefox předvolby vyčištěny: "CT1060933.SearchInNewTabEnabled" - true
[-] Firefox předvolby vyčištěny: "CT1060933.SearchInNewTabIntervalMM" - 1440
[-] Firefox předvolby vyčištěny: "CT1060933.SearchInNewTabLastCheckTime" - "Sun Jan 30 2011 21:48:17 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.SearchInNewTabServiceUrl" - "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"
[-] Firefox předvolby vyčištěny: "CT1060933.SearchInNewTabUsageUrl" - "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"
[-] Firefox předvolby vyčištěny: "CT1060933.ServiceMapLastCheckTime" - "Sun Jan 30 2011 21:48:16 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.SettingsLastCheckTime" - "Mon Jan 31 2011 17:12:54 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.SettingsLastUpdate" - "1295944225"
[-] Firefox předvolby vyčištěny: "CT1060933.ThirdPartyComponentsInterval" - 504
[-] Firefox předvolby vyčištěny: "CT1060933.ThirdPartyComponentsLastCheck" - "Mon Jan 17 2011 12:13:11 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.ThirdPartyComponentsLastUpdate" - "1246790578"
[-] Firefox předvolby vyčištěny: "CT1060933.TrusteLinkUrl" - "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112"
[-] Firefox předvolby vyčištěny: "CT1060933.UserID" - "UN43162849919320820"
[-] Firefox předvolby vyčištěny: "CT1060933.ValidationData_Search" - 1
[-] Firefox předvolby vyčištěny: "CT1060933.ValidationData_Toolbar" - 2
[-] Firefox předvolby vyčištěny: "CT1060933.alertChannelId" - "15651"
[-] Firefox předvolby vyčištěny: "CT1060933.myStuffEnabled" - true
[-] Firefox předvolby vyčištěny: "CT1060933.myStuffPublihserMinWidth" - 400
[-] Firefox předvolby vyčištěny: "CT1060933.myStuffSearchUrl" - "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
[-] Firefox předvolby vyčištěny: "CT1060933.myStuffServiceIntervalMM" - 1440
[-] Firefox předvolby vyčištěny: "CT1060933.myStuffServiceUrl" - "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"
[-] Firefox předvolby vyčištěny: "CT1060933.testingCtid" - ""
[-] Firefox předvolby vyčištěny: "CT1060933.toolbarAppMetaDataLastCheckTime" - "Sun Jan 30 2011 21:48:20 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.toolbarContextMenuLastCheckTime" - "Mon Jan 17 2011 12:13:13 GMT+0100"
[-] Firefox předvolby vyčištěny: "CT1060933.usagesFlag" - 2
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/CZ" - "\"0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/CZ" - "\"0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1060933" - "\"0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "L+tncv4eqt6Qm5T3dzChdA=="
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "0uSPYx+Kl2jpu8sJZMeHjw=="
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "QmycQXJXVyFVAzIiNllWhQ=="
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... cale=en-us" - "SuMy8xgBA7+FodOxmk9aiQ=="
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg" - "\"01ffa8b1cc6cb1:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... er=3.3.3.2" - "\"0652eeacc6cb1:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/" - "\"634289840782570000\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0" - "634303635100000000"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... =1/11/2011 5:25:10 PM" - "634303635100000000"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1060933" - "\"1295944225\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r_dead.gif" - "\"0678fe477ac91:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nimize.gif" - "\"046c7ab477ac91:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r/play.gif" - "\"0484de117c4c91:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... r/stop.gif" - "\"0e7a152347ac91:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/vol.gif" - "\"087c778347ac91:0\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... cale=en-us" - "\"634310612473900000\""
[-] Firefox předvolby vyčištěny: "CommunityToolbar.EngineOwner" - "CT1060933"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.EngineOwnerGuid" - "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.EngineOwnerToolbarId" - "freecorder"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.IsEngineShown" - false
[-] Firefox předvolby vyčištěny: "CommunityToolbar.IsMyStuffImportedToEngine" - true
[-] Firefox předvolby vyčištěny: "CommunityToolbar.OriginalEngineOwner" - "CT1060933"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.OriginalEngineOwnerGuid" - "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.OriginalEngineOwnerToolbarId" - "freecorder"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.SearchFromAddressBarSavedUrl" - "hxxp://search.yahoo.com/search?fr=mcafee&p="
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ToolbarsList" - "CT1060933,ConduitEngine"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.ToolbarsList2" - "CT1060933"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.alertDialogsGetterLastCheckTime" - "Fri Mar 25 2011 12:21:13 GMT+0100"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.alertInfoInterval" - 1440
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.alertInfoLastCheckTime" - "Fri Apr 15 2011 12:51:57 GMT+0200"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.clientsServerUrl" - "hxxp://alert.client.conduit.com"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.locale" - "en"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.loginIntervalMin" - 1440
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.loginLastCheckTime" - "Fri Apr 15 2011 12:51:32 GMT+0200"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.loginLastUpdateTime" - "1291048634"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.messageShowTimeSec" - 20
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.servicesServerUrl" - "hxxp://alert.services.conduit.com"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.showTrayIcon" - false
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.userCloseIntervalMin" - 300
[-] Firefox předvolby vyčištěny: "CommunityToolbar.alert.userId" - "3aa49bdf-9fc3-4461-92fb-5b83b2254353"
[-] Firefox předvolby vyčištěny: "CommunityToolbar.isAlertUrlAddedToFeedItemTable" - true
[-] Firefox předvolby vyčištěny: "CommunityToolbar.isClickActionAddedToFeedItemTable" - true
[-] Firefox předvolby vyčištěny: "CommunityToolbar.keywordURLSelectedCTID" - "CT1060933"
[-] Firefox předvolby vyčištěny: "ConduitEngine.DialogsGetterLastCheckTime" - "Fri Mar 25 2011 12:21:12 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.FirstServerDate" - "01/17/2011 14"
[-] Firefox předvolby vyčištěny: "ConduitEngine.FirstTime" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.FirstTimeFF3" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.HasUserGlobalKeys" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.Initialize" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.InitializeCommonPrefs" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.InstalledDate" - "Mon Jan 17 2011 12:13:14 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.IsMulticommunity" - false
[-] Firefox předvolby vyčištěny: "ConduitEngine.IsOpenThankYouPage" - false
[-] Firefox předvolby vyčištěny: "ConduitEngine.IsOpenUninstallPage" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.LanguagePackLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.LastLogin_3.2.1.3" - "Tue Jan 18 2011 09:07:46 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.LastLogin_3.2.5.2" - "Mon Jan 31 2011 17:32:04 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.PublisherContainerWidth" - 0
[-] Firefox předvolby vyčištěny: "ConduitEngine.SearchFromAddressBarIsInit" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.SettingsLastCheckTime" - "Mon Jan 31 2011 17:32:04 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.UserID" - "UN08455099039898106"
[-] Firefox předvolby vyčištěny: "ConduitEngine.engineLocale" - "cs"
[-] Firefox předvolby vyčištěny: "ConduitEngine.enngineContextMenuLastCheckTime" - "Sun Jan 30 2011 21:48:21 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.globalFirstTimeInfoLastCheckTime" - "Fri Mar 25 2011 12:21:11 GMT+0100"
[-] Firefox předvolby vyčištěny: "ConduitEngine.initDone" - true
[-] Firefox předvolby vyčištěny: "ConduitEngine.isAppTrackingManagerOn" - true
[-] Firefox předvolby vyčištěny: "browser.search.defaultthis.engineName" - "Freecorder Customized Web Search"
[-] Firefox předvolby vyčištěny: "browser.search.param.yahoo-fr" - "chr-greentree_ff&type=685749"
[-] Firefox předvolby vyčištěny: "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2,firegestures@xuldev.org:1.6.1,quickdrag@mozilla.ktechcomputing.com:2.1.0.1,{1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{5e594888-3e8e-47da-b2c6-b0b545112f84}:1.3.1,{aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.8,{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3,{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}:3.2,{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2,{DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.1,{FCF36B88-1BBA-487f-B64B-D2E8980A9293}:3.0,maps@ovi.com:4.0.12.12,{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2,bkmrksync@nokia.com:1.0.0.736,{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3,sidecar@amazon.com:0.7.2.6,{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3,{37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.2,save-as-pdf-ff@pdfcrowd.com:1.5,engine@conduit.com:3.2.5.2,video.downloader.plugin@ffpimp.com:3.3.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: readiris-pro.en.softonic.com
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: slunecnice.cz
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: sothink_free_video_converter.en.softonic.com
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: crawler.com
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: clipboard-recorder.en.softonic.com
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: search.conduit.com
[-] [C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [Search Provider] Smazáno: search.sweetim.com


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [20671 Bajty] - [25/05/2017 22:44:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [31185 Bajty] - [25/05/2017 17:10:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [31259 Bajty] - [25/05/2017 22:37:33]
C:\AdwCleaner\AdwCleaner[S2].txt - [31335 Bajty] - [25/05/2017 22:43:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [20967 Bajty] ##########



2)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64
Ran by JAG (Administrator) on čt 25.05.2017 at 23:12:13,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\searchplugins\live-search.xml (File)
Successfully deleted: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\user.js (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 25.05.2017 at 23:15:03,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3)
Sophos Virus Removal Tool: found nothing

4)
RogueKiller V12.10.10.0 (x64) [May 22 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.14393) 64 bits version
Spuštěno : Normální režim
Uživatel : JAG [Práva správce]
Started from : C:\Users\JAG\Desktop\RogueKiller_portable64 - kopie.exe
Mód : Prohledat -- Datum : 05/26/2017 16:38:53 (Duration : 00:38:30)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 24 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bf756b82-3253-49c7-b0cf-ffdbdef14241} | NameServer : 10.0.0.10 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bf756b82-3253-49c7-b0cf-ffdbdef14241} | DhcpNameServer : 10.0.0.8 ([]) -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7F53AE99-2884-42F0-9F60-C33C92562DD4} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1299\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5FA6D2C6-9CD5-45A0-842F-57EB4FDC7277} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1299\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F5B49313-814C-4004-ACAE-153D2C494A08} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS0006\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A4056D1-B9C2-47F4-AB6D-F7D89C2F9976} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS0006\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6E46B5DD-FF6E-443E-820F-073AAED8E458} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS65F0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F69B4E35-E86E-422E-92C3-2C0E525A0E1A} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS65F0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DD2637EE-4E5C-4778-9EEE-C4EAF457F929} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS657E\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65791127-390C-47A1-8AA8-5CFE7AF00D4F} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS657E\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {293EC110-A848-49E5-85E1-007B5A0F9397} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS7C29\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {983B212D-7138-495E-A749-CBFE696FF381} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS7C29\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1B53BCCD-309D-44AD-8096-C9729B7447B8} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1231\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CCC153D2-9452-40E4-8572-B12AF4AF8C89} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1231\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {514EDC76-DC48-48B1-987E-06C06594007E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1283\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {54680937-AF82-4C58-BD6D-62DA15DE266C} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1283\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {28235A37-8B89-414B-A7A9-85FD33AA799E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1BE3\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BBAEAB3B-5867-464C-AC93-69C86A5D546F} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1BE3\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DA2FB89D-7DA5-4FBF-B4D3-279933C57865} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS095C\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {45F2FCBB-5186-456B-8F00-7B650DB3A6D9} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS095C\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5BA43956-C5F2-421E-A802-CB56AA7A6FBD} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS09BE\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DC204AEB-543E-425D-AC06-722B7C94A54E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS09BE\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 8 ¤¤¤
[PUP.Gen2][Firefox:Addon] jp0977ax.default : Fast Video Download [{c50ca3c4-5656-43c2-a061-13e717f73fc8}] -> Nalezeno
[PUP.Gen2][Firefox:Addon] jp0977ax.default : Ant Video Downloader [anttoolbar@ant.com] -> Nalezeno
[PUP.Gen0][Chrome:Addon] Profile 1 : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Nalezeno
[PUM.HomePage][Firefox:Config] jp0977ax.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nalezeno
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://seznam.cz/] -> Nalezeno
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://seznam.cz/] -> Nalezeno
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.seznam.cz/] -> Nalezeno
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [http://www.seznam.cz/|https://www.seznam.cz/] -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG MZ7LN512HCHP-000 SCSI Disk Device +++++
--- User ---
[MBR] 467cc82bb6c29aa58dc80735e4612983
[BSP] ef7b4a85194d4a54aa3f6e4dcec56d19 : Lenovo|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 470559 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 966780928 | Size: 504 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 967813120 | Size: 15820 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 26 May 2017 18:57

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) or external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom,
after it finishes - tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy the log and please paste its contents here. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.


Turn off your antivirus and firewall.
Download
Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
click on the .rar-file at the top right
and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- note: the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


click Run Script
The program will run a scan and a repair; the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to your documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the EULA licence for using the program, if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the creation of a restore point:
Click the gear icon, then "Scanning", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report appears; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.


Post a new HJT log + let me know about any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

ADA64
newbie
Posts: 33
Registered: June 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by ADA64 » 29 May 2017 17:14

1)
RogueKiller V12.10.10.0 (x64) [May 22 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.14393) 64 bits version
Spuštěno : Normální režim
Uživatel : JAG [Práva správce]
Started from : C:\Users\JAG\Desktop\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 05/26/2017 23:02:38 (Duration : 00:36:19)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 24 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main | Start Page : https://www.seznam.cz/ -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bf756b82-3253-49c7-b0cf-ffdbdef14241} | NameServer : 10.0.0.10 ([]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{bf756b82-3253-49c7-b0cf-ffdbdef14241} | DhcpNameServer : 10.0.0.8 ([]) -> Nahrazeno ()
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7F53AE99-2884-42F0-9F60-C33C92562DD4} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1299\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5FA6D2C6-9CD5-45A0-842F-57EB4FDC7277} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1299\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F5B49313-814C-4004-ACAE-153D2C494A08} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS0006\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5A4056D1-B9C2-47F4-AB6D-F7D89C2F9976} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS0006\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {6E46B5DD-FF6E-443E-820F-073AAED8E458} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS65F0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F69B4E35-E86E-422E-92C3-2C0E525A0E1A} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS65F0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DD2637EE-4E5C-4778-9EEE-C4EAF457F929} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS657E\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {65791127-390C-47A1-8AA8-5CFE7AF00D4F} : v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS657E\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {293EC110-A848-49E5-85E1-007B5A0F9397} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS7C29\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {983B212D-7138-495E-A749-CBFE696FF381} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS7C29\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {1B53BCCD-309D-44AD-8096-C9729B7447B8} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1231\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CCC153D2-9452-40E4-8572-B12AF4AF8C89} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1231\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {514EDC76-DC48-48B1-987E-06C06594007E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1283\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {54680937-AF82-4C58-BD6D-62DA15DE266C} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1283\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {28235A37-8B89-414B-A7A9-85FD33AA799E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1BE3\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {BBAEAB3B-5867-464C-AC93-69C86A5D546F} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\JAG\AppData\Local\Temp\7zS1BE3\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DA2FB89D-7DA5-4FBF-B4D3-279933C57865} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS095C\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {45F2FCBB-5186-456B-8F00-7B650DB3A6D9} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS095C\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5BA43956-C5F2-421E-A802-CB56AA7A6FBD} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS09BE\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DC204AEB-543E-425D-AC06-722B7C94A54E} : v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\JAG\AppData\Local\Temp\7zS09BE\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Smazáno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 8 ¤¤¤
[PUP.Gen2][Firefox:Addon] jp0977ax.default : Fast Video Download [{c50ca3c4-5656-43c2-a061-13e717f73fc8}] -> Smazáno
[PUP.Gen2][Firefox:Addon] jp0977ax.default : Ant Video Downloader [anttoolbar@ant.com] -> Smazáno
[PUP.Gen0][Chrome:Addon] Profile 1 : Video Downloader professional [elicpjhcidhpjomhibiffojpinpmmpil] -> Smazáno
[PUM.HomePage][Firefox:Config] jp0977ax.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nahrazeno (about:home)
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://seznam.cz/] -> Smazáno
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : homepage [http://seznam.cz/] -> Smazáno
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.seznam.cz/] -> Smazáno
[PUM.HomePage][Chrome:Config] Profile 1 [SecurePrefs] : session.startup_urls [http://www.seznam.cz/|https://www.seznam.cz/] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG MZ7LN512HCHP-000 SCSI Disk Device +++++
--- User ---
[MBR] 467cc82bb6c29aa58dc80735e4612983
[BSP] ef7b4a85194d4a54aa3f6e4dcec56d19 : Lenovo|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 470559 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 966780928 | Size: 504 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 967813120 | Size: 15820 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

2) Here I forgot to turn off the antivirus and firewall before running Zoek; I only realized it afterwards, but everything went as in your description, including the restart. Here is the result (2)
After that I wanted to fix it on my own initiative by running Zoek again, but it did not finish even after 16 hours and looked as if it was working, and when I closed the window, it reopened by itself and started over from the beginning, which I did once more with the same result, so I left it seemingly working, and the next day, after those roughly 16 hours, I powered the notebook off the hard way and, a little fearfully, switched it on again, and fortunately everything booted up as it should. The log from that second, unfinished Zoek run is below (2b).
After that I continued with the rest of the instructions.


Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by JAG on ne 28.05.2017 at 14:31:15,24.
Microsoft Windows 10 Pro 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\JAG\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.5.2017 14:32:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Anvsoft deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\Synology deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Public\AppData\Local deleted successfully
C:\Users\JAG\AppData\Local\ActiveSync deleted successfully
C:\Users\JAG\AppData\Local\NetworkTiles deleted successfully
C:\Users\JAG\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js:
user_pref("browser.startup.homepage", "about:home"about:home);
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=mcafee&p=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Anvsoft not found
C:\Users\JAG\AppData\Roaming\calibre deleted
C:\Users\JAG\.android deleted
C:\PROGRA~3\Wondershare Video Converter Ultimate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\JAG\AppData\Local\Wondershare deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\jetpack deleted
"C:\WINDOWS\Installer\298767a1.msi" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\Newtonsoft.Json.dll" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\WsAppCollect.dll" deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\WsAppCommon.dll" not deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\WsAppService.exe" not deleted
"C:\PROGRA~2\Wondershare" not deleted
"C:\PROGRA~2\Wondershare\WAF" not deleted
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [22.10.2016 23:13]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{F74D5734-46F5-4B16-96F0-1E7FBF41B750}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12" [09.05.2016 14:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default
- Google Docs Viewer - %ProfilePath%\extensions\adonis.cuhk@gmail.com
- Bookmark Previews - %ProfilePath%\extensions\bookmarkpreviews@mozdev.org
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Ovi maps browser plugin - %ProfilePath%\extensions\maps@ovi.com
- Save as PDF - %ProfilePath%\extensions\save-as-pdf-ff@pdfcrowd.com
- AmazonAssist - %ProfilePath%\extensions\sidecar@amazon.com
- KwiClick - %ProfilePath%\extensions\vinceturk@gmail.com
- WebTran - %ProfilePath%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
- Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
- PDF Download - %ProfilePath%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
- CoolPreviews - %ProfilePath%\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
- MinimizeToTray Plus - %ProfilePath%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
- Google Docs Viewer - %ProfilePath%\extensions\adonis.cuhk@gmail.com.xpi
- FireGestures - %ProfilePath%\extensions\firegestures@xuldev.org.xpi
- Undetermined - %ProfilePath%\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
- QuickDrag - %ProfilePath%\extensions\quickdrag@mozilla.ktechcomputing.com.xpi
- Save as PDF - %ProfilePath%\extensions\save-as-pdf-ff@pdfcrowd.com.xpi
- TinEye Reverse Image Search - %ProfilePath%\extensions\tineye@ideeinc.com.xpi
- Download Youtube Videos - %ProfilePath%\extensions\video.downloader.plugin@ffpimp.com.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- PDF Download - %ProfilePath%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi
- Save Image in Folder - %ProfilePath%\extensions\{5e594888-3e8e-47da-b2c6-b0b545112f84}.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- gtranslate - %ProfilePath%\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

ProfilePath: C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default
- Provider for Google Calendar - %ProfilePath%\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- MS Office 2003 JB Edition v3 - %ProfilePath%\extensions\{35f30c40-35d4-11d9-8dbc-000c6e787ef9}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default
30058F2746B25F60DCC7624E227357D1 - C:\Users\JAG\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lpdfbkehegfmedglgemnhbnpmfmioggj - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Chrome Media Router - JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Video Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc
Options-old - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdokagampppgbnjfdlkfpphniapiiifn
Seznam Lištička - Slovník - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
History 2 - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp
FVD Suggestions - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caoielngcdpgeldnckhponffkiajaobo
Image Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj
Nokia Drop - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ddgankdgamemlpbbfnbdphddncdcmkhf
Tampermonkey - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
YAFlags - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk
OneNote Web Clipper - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk
CloudConvert - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk
Google Play - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Google Drive App Launcher - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
ThinkVantage Password Manager - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj
Simple Bookmarks - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg
Chrome Media Router - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
MP3 Downloader - JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pldidnmickidalpaoejffbkgkjfhohoe

==== Chromium Fix ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_yourtemplatefinder.dl.myway.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_yourtemplatefinder.dl.myway.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.ad.libimseti.cz_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.ad.libimseti.cz_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.brazzers.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.brazzers.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.user-red.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static1-hdgo.ru_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static1-hdgo.ru_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.user-red.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.user-red.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pornsfind.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_pornsfind.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.arriva-services.cz_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.arriva-services.cz_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_services.sony.cz_0.localstorage deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_services.sony.cz_0.localstorage-journal deleted successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04"
{FFC82AB9-B5C2-430C-BD4D-F5C1AF43371A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LNJB"

==== Reset Google Chrome ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BAC3F7A-B963-468E-982E-B5608A87408D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToolBoxFX deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JAG\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JAG\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\JAG\Downloads\Iveco_ceny\Záloha\Záloha\OLD PC\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JAG\Downloads\Iveco_ceny\Záloha\Záloha\OLD PC\Documents and Settings\jager.jiri\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JAG\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JAG\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=309 folders=84 200037136 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\JAG\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\WsAppCommon.dll" not found
"C:\PROGRA~2\Wondershare\WAF\2.3.1.204\WsAppService.exe" not found
"C:\PROGRA~2\Wondershare" not found

==== EOF on ne 28.05.2017 at 16:44:31,39 ======================

2)b

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by JAG on ne 28.05.2017 at 16:55:08,28.
Microsoft Windows 10 Pro 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\JAG\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2.log 20774 bytes

==== System Restore Info ======================

28.5.2017 16:55:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Synology deleted successfully
C:\Users\JAG\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\JAG\AppData\Roaming\Thunderbird\Profiles\d3qxz01m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [22.10.2016 23:13]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{F74D5734-46F5-4B16-96F0-1E7FBF41B750}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12" [09.05.2016 14:54]



3)
Zemana AntiMalware 2.72.2.388 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.5.29
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
BIOS Mode : Legacy
CUID : 125B0B51EA235C22E364B4
Scan Type : Skenování systému
Duration : 4m 46s
Scanned Objects : 282029
Detected Objects : 2
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Firefox Search
Status : Skenováno
Object : CSFD - http://csfd.cz
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Firefox Search

Firefox Search
Status : Skenováno
Object : Bike-eshop.cz - http://bike-eshop.cz
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Firefox Search


Cleaning Result
-------------------------------------------------------
Cleaned : 2
Reported as safe : 0
Failed : 0

4)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:35:29, on 29.5.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)

FIREFOX: 48.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\JAG\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe
C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Users\JAG\Downloads\HijackThis (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
O4 - HKLM\..\Run: [PLTHub.exe] C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe -min
O4 - HKLM\..\Run: [ABNotify] C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe -auto
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\JAG\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\JAG\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Synology Cloud Station Backup.lnk = C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSAllMyTubechrome - (no CLSID) - (no file)
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cloud Station Backup VSS Service x64 - Unknown owner - C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
O23 - Service: Connect2 Hotspot Service (connect2hotspot) - Lenovo - C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firmware Updater Service (FirmwareUpdaterService) - Unknown owner - C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @oem189.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem181.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo EasyResume Service (Lenovo Instant On) - Lenovo Group Limited - C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: PowerENGAGE Maintenance Service (LenovoProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Lenovo Registration\EngageService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lnvDiscoveryWinSvc - Lenovo - C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
O23 - Service: @oem189.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\WINDOWS\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool11 (NitroDriverReadSpool11) - Nitro Software, Inc. - C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
O23 - Service: Plantronics Update Service (PlantronicsUpdateService) - Plantronics, Inc. - C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: Sierra Wireless Service (SwiService) - Sierra Wireless, Inc. - C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @oem7.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem7.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Unknown owner - C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 20246 bytes

The current state is that WMI Provider Host still uses the CPU more than any other process at the moment, but in the range of 5 to 15%, which is about 50% better than at the beginning.

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 29 May 2017 18:39

Close all other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O18 - Protocol: WSAllMyTubechrome - (no CLSID) - (no file)
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)


Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and will be saved to the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

ADA64
newcomer
Posts: 33
Registered: June 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by ADA64 » 30 May 2017 21:37

1) HJT done

2)
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-05-30 20:44:01
-----------------------------
20:44:01.728 OS Version: Windows x64 6.2.9200
20:44:01.728 Number of processors: 4 586 0x3D04
20:44:01.729 ComputerName: JAG-PC UserName: JAG
20:44:02.505 Initialize success
20:44:02.555 VM: initialized successfully
20:44:02.557 VM: Intel CPU BiosDisabled
20:44:14.928 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000034
20:44:14.932 Disk 0 Vendor: SAMSUNG_MZ7LN512HCHP-000L1 EMT04L0Q Size: 488386MB BusType: 11
20:44:14.941 Disk 0 MBR read successfully
20:44:14.943 Disk 0 MBR scan
20:44:14.944 Disk 0 unknown MBR code
20:44:14.947 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
20:44:14.950 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 470559 MB offset 3074048
20:44:14.952 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 504 MB offset 966780928
20:44:14.958 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 15820 MB offset 967813120
20:44:14.973 Disk 0 scanning C:\WINDOWS\system32\drivers
20:44:16.618 Service scanning
20:44:17.265 Service edevmon C:\WINDOWS\system32\DRIVERS\edevmon.sys **LOCKED** 5
20:44:17.278 Service eelam C:\WINDOWS\system32\DRIVERS\eelam.sys **LOCKED** 5
20:44:17.296 Service ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys **LOCKED** 5
20:44:17.314 Service ekbdflt C:\WINDOWS\system32\DRIVERS\ekbdflt.sys **LOCKED** 5
20:44:17.342 Service epfw C:\WINDOWS\system32\DRIVERS\epfw.sys **LOCKED** 5
20:44:17.352 Service epfwwfp C:\WINDOWS\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
20:44:20.027 Modules scanning
20:44:20.031 Disk 0 trace - called modules:
20:44:20.039 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll iaStorA.sys
20:44:20.042 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffbb026790d060]
20:44:20.046 3 CLASSPNP.SYS[fffff8070fb45efb] -> nt!IofCallDriver -> [0xffffbb0264fb5cb0]
20:44:20.050 5 ACPI.sys[fffff8070f524571] -> nt!IofCallDriver -> \Device\00000034[0xffffbb0263e62330]
20:44:20.054 Disk 0 statistics 170266/0/0 @ 83,39 MB/s
20:44:20.057 Scan finished successfully
20:44:29.604 Disk 0 MBR has been saved successfully to "C:\Users\JAG\Desktop\MBR.dat"
20:44:29.612 The log file has been saved successfully to "C:\Users\JAG\Desktop\aswMBR.txt"

ADA64
newcomer
Posts: 33
Registered: June 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by ADA64 » 30 May 2017 21:43

3) a
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
Ran by JAG (administrator) on JAG-PC (30-05-2017 20:48:05)
Running from C:\Users\JAG\Desktop
Loaded Profiles: JAG (Available Profiles: JAG & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareUpdaterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe
() C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
() C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\FirmwareApp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Plantronics, Inc.) C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe
(Synology Inc.) C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
() C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe
(Synology Inc.) C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc.) C:\Users\JAG\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Lenovo) C:\Users\JAG\AppData\Local\Apps\2.0\AKPZYT8Z.KAR\DJER8LV3.GBN\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296648 2015-09-29] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-06-24] (Intel Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [PLTHub.exe] => C:\Program Files (x86)\Plantronics\Spokes3G\PLTHub.exe [3719120 2017-04-04] (Plantronics, Inc.)
HKLM-x32\...\Run: [ABNotify] => C:\Program Files (x86)\AOMEI Backupper\ABNotify.exe [89960 2017-03-25] ()
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [Spotify Web Helper] => C:\Users\JAG\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-28] (Spotify Ltd)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [Spotify] => C:\Users\JAG\AppData\Roaming\Spotify\Spotify.exe [7153264 2016-12-28] (Spotify Ltd)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-03-16] (Apple Inc.)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
Startup: C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-05-30]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\JAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2016-08-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf756b82-3253-49c7-b0cf-ffdbdef14241}: [DhcpNameServer] 10.0.0.8
Tcpip\..\Interfaces\{d62d3f38-7f97-43aa-bc12-844e2a17f7e9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-377955874-304036406-2546264200-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-377955874-304036406-2546264200-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler: WSAllMyTubechrome - No CLSID Value
Handler: WSWSVCUchrome - No CLSID Value

FireFox:
========
FF DefaultProfile: jp0977ax.default
FF ProfilePath: C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default [2017-05-30]
FF NewTab: Mozilla\Firefox\Profiles\jp0977ax.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\jp0977ax.default -> about:home
FF Extension: (Google Docs Viewer) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\adonis.cuhk@gmail.com [2016-08-23] [not signed]
FF Extension: (Google Docs Viewer) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\adonis.cuhk@gmail.com.xpi [2016-08-23]
FF Extension: (Bookmark Previews) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\bookmarkpreviews@mozdev.org [2016-08-23] [not signed]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\cs@dictionaries.addons.mozilla.org [2016-08-23]
FF Extension: (FireGestures) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\firegestures@xuldev.org.xpi [2016-08-23]
FF Extension: (Awesome Screenshot - Capture, Annotate & More) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2017-03-30]
FF Extension: (Ovi maps browser plugin) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\maps@ovi.com [2016-08-23] [not signed]
FF Extension: (QuickDrag) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\quickdrag@mozilla.ktechcomputing.com.xpi [2016-08-23]
FF Extension: (Save as PDF) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\save-as-pdf-ff@pdfcrowd.com [2016-08-23] [not signed]
FF Extension: (Save as PDF) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2016-08-23]
FF Extension: (AmazonAssist) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\sidecar@amazon.com [2016-08-23] [not signed]
FF Extension: (TinEye Reverse Image Search) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\tineye@ideeinc.com.xpi [2017-03-30]
FF Extension: (Download Youtube Videos +) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\video.downloader.plugin@ffpimp.com.xpi [2011-03-25] [not signed]
FF Extension: (KwiClick) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\vinceturk@gmail.com [2016-08-23] [not signed]
FF Extension: (WebTran) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829} [2016-08-23] [not signed]
FF Extension: (Flagfox) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2017-03-30]
FF Extension: (Garmin Communicator) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2016-08-23]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2016-08-23] [not signed]
FF Extension: (PDF Download) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2016-08-23] [not signed]
FF Extension: (PDF Download) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2016-08-23]
FF Extension: (Save Image in Folder) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{5e594888-3e8e-47da-b2c6-b0b545112f84}.xpi [2016-08-23]
FF Extension: (ImTranslator) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2017-05-17]
FF Extension: (gtranslate) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2017-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-03-30]
FF Extension: (CoolPreviews) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B} [2016-08-23] [not signed]
FF Extension: (Adblock Plus) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-30]
FF Extension: (Download Statusbar) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2016-08-23]
FF Extension: (DownThemAll!) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-05-17]
FF Extension: (MinimizeToTray Plus) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\Extensions\{de1b245c-de57-11da-ba2d-0050c2490048} [2016-08-23] [not signed]
FF Extension: (No Name) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [not found]
FF Extension: (No Name) - C:\Users\JAG\AppData\Roaming\Mozilla\Firefox\Profiles\jp0977ax.default\extensions\anttoolbar@ant.com [not found]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-10-22] [not signed]
FF HKU\S-1-5-21-377955874-304036406-2546264200-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (No Name) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2016-05-09] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-09-14] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-377955874-304036406-2546264200-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\JAG\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default [2017-05-30]
CHR Extension: (Prezentace Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-28]
CHR Extension: (Dokumenty Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-28]
CHR Extension: (Disk Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-28]
CHR Extension: (YouTube) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-28]
CHR Extension: (Tabulky Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-28]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-28]
CHR Extension: (Gmail) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-28]
CHR Profile: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-05-30]
CHR Extension: (Prezentace Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-28]
CHR Extension: (Flash Video Downloader) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-05-28]
CHR Extension: (Dokumenty Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-28]
CHR Extension: (Disk Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-05-28]
CHR Extension: (YouTube) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-28]
CHR Extension: (History 2) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2017-05-28]
CHR Extension: (FVD Suggestions) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caoielngcdpgeldnckhponffkiajaobo [2017-05-28]
CHR Extension: (Adblock Plus) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-28]
CHR Extension: (Image Downloader) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2017-05-28]
CHR Extension: (Search by Image (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-05-28]
CHR Extension: (Nokia Drop) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ddgankdgamemlpbbfnbdphddncdcmkhf [2017-05-28]
CHR Extension: (Tampermonkey) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-05-28]
CHR Extension: (Yet another flags) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk [2017-05-28]
CHR Extension: (Gmail Offline) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2017-05-28]
CHR Extension: (Video Downloader professional) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2017-05-28]
CHR Extension: (Tabulky Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-28]
CHR Extension: (PDF to Word Doc Converter) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjhedcdiaeighcnidfhegnmfieiejmdj [2017-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (AdBlock) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-28]
CHR Extension: (OneNote Web Clipper) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2017-05-28]
CHR Extension: (CloudConvert) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfpmbfgodkfcebpgheiedaddoikmljkk [2017-05-28]
CHR Extension: (Google Play Music) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-05-28]
CHR Extension: (Pamatovák) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfiakckbklmccchjegnnojbalafebakb [2017-05-28]
CHR Extension: (Google Play) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-05-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-28]
CHR Extension: (Mapy Google) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-28]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-05-28]
CHR Extension: (Simple Bookmarks) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nafmgkhgdblkabfjfegmafagpccaobfg [2017-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-29]
CHR Extension: (Synology Web Clipper) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2017-05-28]
CHR Extension: (Moje IP adresa) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2017-05-28]
CHR Extension: (Gmail) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\JAG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-28]
CHR Profile: C:\Users\JAG\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-15]
CHR HKU\S-1-5-21-377955874-304036406-2546264200-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122736 2017-03-25] (AOMEI Tech Co., Ltd.)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287256 2017-05-10] ()
R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2017-02-18] (ESET)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677880 2017-05-12] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 FirmwareUpdaterService; C:\Program Files (x86)\Sierra Wireless Inc\LENOVO MBIM Toolkit\firmwareupdaterservice.exe [100080 2016-11-29] ()
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-06-01] (HP) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382432 2017-01-11] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-04-25] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [619776 2014-12-06] (Lenovo)
R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3124808 2017-04-28] (Lenovo Group Limited)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197320 2015-09-29] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
S3 LenovoProdRegManager; C:\Program Files (x86)\Lenovo Registration\EngageService.exe [293416 2015-01-09] (Aviata, Inc.)
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [411936 2015-06-24] (Intel Corporation)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-22] (Lenovo)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327360 2016-09-14] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [418496 2016-09-14] ()
R2 PelService; C:\Program Files\Lenovo\Lenovo Mouse Suite\Service\PelService.exe [184088 2015-07-09] () [File not signed]
R2 PlantronicsUpdateService; C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe [1819600 2017-04-04] (Plantronics, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-05-09] ()
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1416288 2016-11-29] (Sierra Wireless, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [268888 2017-04-15] (Synaptics Incorporated)
S2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248840 2016-03-18] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14522512 2017-04-03] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-23] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-23] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2016-12-23] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [310984 2017-01-10] ()
S3 CSRBC; C:\WINDOWS\System32\Drivers\csrbcx64.sys [38400 2017-02-06] (CSR plc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [551408 2016-06-07] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2017-02-18] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2017-02-18] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-10-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2017-02-18] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2017-02-18] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2017-02-18] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2017-02-18] (ESET)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2017-05-23] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [31744 2016-11-29] (Intel Mobile Communications)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29240 2016-04-14] (Hewlett Packard)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [253696 2017-01-13] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2017-01-10] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-30] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-30] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-30] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-30] (Malwarebytes)
S3 MBIMSS; C:\WINDOWS\System32\Drivers\swinbus01.sys [49144 2015-11-18] (Smith Micro Software, Inc.)
S3 MBIMSSfilter; C:\WINDOWS\System32\Drivers\swinbus01f.sys [49144 2015-11-18] (Smith Micro Software, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2016-10-19] (Riverbed Technology, Inc.)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-04-07] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3227616 2017-05-09] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [64088 2017-04-15] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 STHFK; C:\WINDOWS\System32\Drivers\sthfk64.sys [46192 2016-05-31] (CSR plc.)
R3 SzCCID; C:\WINDOWS\system32\DRIVERS\SzCCID.sys [53400 2016-04-21] (Generic)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R2 WiseFs; C:\WINDOWS\WiseFs64.sys [14256 2016-07-20] (WiseCleaner.com) [File not signed]
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [307712 2017-04-28] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-05-29] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-05-29] (Zemana Ltd.)
U3 aswMBR; C:\Users\JAG\AppData\Local\Temp\aswMBR.sys [62728 2017-05-30] () [File not signed] <==== ATTENTION
U3 aswVmm; C:\Users\JAG\AppData\Local\Temp\aswVmm.sys [224896 2017-05-30] () <==== ATTENTION
U3 idsvc; no ImagePath

ADA64
newbie
Posts: 33
Registered: June 16
Gender: Male
Status:
Offline

Re: Please check my log

Post by ADA64 » 30 May 2017 22:02

3) b
==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-30 20:48 - 2017-05-30 20:48 - 00042455 _____ C:\Users\JAG\Desktop\FRST.txt
2017-05-30 20:47 - 2017-05-30 20:48 - 00000000 ____D C:\FRST
2017-05-30 20:45 - 2017-05-30 20:47 - 02429952 _____ (Farbar) C:\Users\JAG\Desktop\FRST64.exe
2017-05-30 20:44 - 2017-05-30 20:44 - 00002431 _____ C:\Users\JAG\Desktop\aswMBR.txt
2017-05-30 20:44 - 2017-05-30 20:44 - 00000512 _____ C:\Users\JAG\Desktop\MBR.dat
2017-05-30 20:41 - 2017-05-30 20:43 - 05200384 _____ (AVAST Software) C:\Users\JAG\Desktop\aswmbr.exe
2017-05-30 20:41 - 2017-05-30 20:41 - 00000000 ___HD C:\OneDriveTemp
2017-05-30 20:38 - 2017-05-30 20:38 - 00000000 ____D C:\Users\JAG\Downloads\backups
2017-05-30 12:27 - 2017-05-30 12:27 - 00000000 ____D C:\Users\JAG\Documents\FeedbackHub
2017-05-29 17:28 - 2017-05-29 17:28 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\11C86F34.sys
2017-05-29 16:34 - 2017-05-29 16:34 - 00388608 _____ (Trend Micro Inc.) C:\Users\JAG\Desktop\HijackThis (1).exe
2017-05-29 16:25 - 2017-05-29 16:25 - 00000000 ____D C:\Users\JAG\AppData\Local\PeerDistRepub
2017-05-29 15:57 - 2017-05-30 20:48 - 00090638 _____ C:\WINDOWS\ZAM.krnl.trace
2017-05-29 15:57 - 2017-05-30 20:48 - 00048587 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-05-29 15:57 - 2017-05-29 15:57 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-05-29 15:57 - 2017-05-29 15:57 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-05-29 15:57 - 2017-05-29 15:57 - 00001188 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-05-29 15:57 - 2017-05-29 15:57 - 00000000 ____D C:\Users\JAG\AppData\Local\Zemana
2017-05-29 15:57 - 2017-05-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-05-29 15:57 - 2017-05-29 15:57 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-05-29 10:01 - 2017-05-29 15:57 - 05774688 _____ (Zemana Ltd. ) C:\Users\JAG\Desktop\Zemana.AntiMalware.Setup.exe
2017-05-29 09:43 - 2017-05-29 09:43 - 00000000 ____D C:\ProgramData\Synology
2017-05-28 17:16 - 2017-05-28 17:16 - 00000000 ____D C:\zoek
2017-05-28 16:55 - 2017-05-28 17:17 - 00003285 _____ C:\runcheck.txt
2017-05-28 14:31 - 2017-05-28 15:00 - 00000000 ____D C:\zoek_backup
2017-05-28 14:28 - 2017-05-28 14:31 - 01309184 _____ C:\Users\JAG\Desktop\zoek.exe
2017-05-27 02:22 - 2017-05-27 02:22 - 00019582 _____ C:\Users\JAG\Desktop\RogueKiller2.txt
2017-05-26 18:22 - 2017-05-26 18:22 - 00000000 ____D C:\WINDOWS\Panther
2017-05-26 17:58 - 2017-05-26 17:58 - 00019410 _____ C:\Users\JAG\Desktop\RogueKiller.txt
2017-05-26 12:59 - 2017-05-26 23:01 - 26341960 _____ C:\Users\JAG\Desktop\RogueKiller_portable64.exe
2017-05-25 23:38 - 2017-05-25 23:38 - 00000000 ____D C:\ProgramData\Sophos
2017-05-25 23:36 - 2017-05-25 23:36 - 00002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-05-25 23:36 - 2017-05-25 23:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-05-25 23:36 - 2017-05-25 23:36 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-05-25 23:34 - 2017-05-25 23:36 - 168007592 _____ (Sophos Limited) C:\Users\JAG\Downloads\Sophos Virus Removal Tool.exe
2017-05-25 23:15 - 2017-05-25 23:15 - 00000845 _____ C:\Users\JAG\Desktop\JRT.txt
2017-05-25 22:54 - 2017-05-25 22:54 - 00000000 _____ C:\Users\JAG\Downloads\JRT (2).exe
2017-05-25 22:53 - 2017-05-25 23:12 - 01663672 _____ (Malwarebytes) C:\Users\JAG\Desktop\JRT.exe
2017-05-25 22:53 - 2017-05-25 22:53 - 01663672 _____ (Malwarebytes) C:\Users\JAG\Downloads\JRT (1).exe
2017-05-25 22:44 - 2017-05-25 22:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\WiseCleaner
2017-05-25 19:44 - 2017-05-25 19:44 - 00001629 _____ C:\Users\JAG\Desktop\aa.txt
2017-05-25 19:36 - 2017-05-25 19:37 - 63364552 _____ (Malwarebytes ) C:\Users\JAG\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976 (2).exe
2017-05-25 19:31 - 2017-05-30 20:40 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-25 19:31 - 2017-05-30 20:40 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-25 19:31 - 2017-05-30 20:40 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-25 19:31 - 2017-05-30 20:40 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-25 19:31 - 2017-05-25 19:31 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-25 19:31 - 2017-05-25 19:31 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-25 19:31 - 2017-05-25 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-25 19:31 - 2017-05-25 19:31 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-25 19:31 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-25 19:27 - 2017-05-25 19:30 - 63364552 _____ (Malwarebytes ) C:\Users\JAG\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976 (1).exe
2017-05-25 17:13 - 2017-05-25 17:13 - 63364552 _____ (Malwarebytes ) C:\Users\JAG\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-25 17:09 - 2017-05-25 22:44 - 00000000 ____D C:\AdwCleaner
2017-05-25 17:07 - 2017-05-25 17:08 - 04110280 _____ C:\Users\JAG\Desktop\AdwCleaner.exe
2017-05-25 16:58 - 2017-05-25 16:58 - 04110280 _____ C:\Users\JAG\Downloads\AdwCleaner.exe
2017-05-25 16:35 - 2017-05-25 16:35 - 00448512 _____ (OldTimer Tools) C:\Users\JAG\Downloads\TFC.exe
2017-05-25 16:32 - 2017-05-25 16:33 - 00050688 _____ (Atribune.org) C:\Users\JAG\Downloads\ATF-Cleaner.exe
2017-05-25 15:37 - 2017-05-25 15:37 - 00000000 ____D C:\Users\JAG\Downloads\Telegram Desktop
2017-05-25 10:06 - 2017-05-25 10:06 - 00001024 ____H C:\SYSTAG.BIN
2017-05-25 00:18 - 2017-05-25 00:18 - 00005164 _____ C:\Users\JAG\Downloads\archive.zip
2017-05-24 23:14 - 2017-05-30 20:40 - 00000000 ____D C:\Users\JAG\AppData\Local\CloudStationBackup
2017-05-24 23:14 - 2017-05-24 23:14 - 76266160 _____ C:\Users\JAG\Downloads\Synology-PhotoStationUploader-Setup-083.exe
2017-05-24 23:14 - 2017-05-24 23:14 - 00001366 _____ C:\Users\Public\Desktop\Synology Cloud Station Backup.lnk
2017-05-24 23:14 - 2017-05-24 23:14 - 00000042 ____H C:\Users\JAG\.uuid
2017-05-24 23:13 - 2017-05-24 23:13 - 92234392 _____ (Synology) C:\Users\JAG\Downloads\Synology Cloud Station Drive-4.2.4-4393.exe
2017-05-24 23:12 - 2017-05-24 23:14 - 75573696 _____ (Synology) C:\Users\JAG\Downloads\Synology Cloud Station Backup-4.2.4-4393.exe
2017-05-24 22:34 - 2017-05-30 20:39 - 00000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2017-05-24 22:34 - 2017-05-30 20:39 - 00000000 ____D C:\Program Files (x86)\AOMEI Backupper
2017-05-24 22:34 - 2017-05-24 22:35 - 00000000 ____D C:\ProgramData\AomeiBR
2017-05-24 22:34 - 2017-05-24 22:34 - 00001101 _____ C:\Users\Public\Desktop\AOMEI Backupper Standard.lnk
2017-05-24 22:34 - 2017-05-24 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2017-05-24 22:34 - 2016-12-23 08:24 - 00171952 _____ C:\WINDOWS\system32\ammntdrv.sys
2017-05-24 22:34 - 2016-12-23 08:24 - 00051120 _____ C:\WINDOWS\system32\ambakdrv.sys
2017-05-24 22:34 - 2016-12-23 08:24 - 00038320 _____ C:\WINDOWS\system32\amwrtdrv.sys
2017-05-24 21:35 - 2017-05-24 22:34 - 87092504 _____ (AOMEI Technology Co., Ltd. ) C:\Users\JAG\Downloads\BackupperFull.exe
2017-05-24 21:31 - 2017-05-25 16:36 - 00066704 _____ C:\Users\JAG\Downloads\Procenta Přiražky po měsících_orig.xlsx
2017-05-24 16:33 - 2017-05-24 16:33 - 09551280 _____ (Piriform Ltd) C:\Users\JAG\Downloads\ccsetup530 (1).exe
2017-05-24 14:37 - 2017-05-24 14:37 - 05618548 _____ C:\Users\JAG\Downloads\ATI2017_userguide_en-US.pdf
2017-05-24 12:24 - 2017-05-24 12:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\JAG\Downloads\HijackThis.exe
2017-05-23 13:27 - 2017-05-24 20:33 - 00033489 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_KD servis_VZOR.xlsx
2017-05-23 12:26 - 2017-05-23 12:26 - 00181160 _____ (ESET) C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys
2017-05-22 16:15 - 2017-05-22 16:15 - 00085188 _____ C:\Users\JAG\Downloads\Hit (automaticky uloženo).xlsx
2017-05-22 16:14 - 2017-05-22 16:14 - 00045316 _____ C:\Users\JAG\Downloads\Procenta Přiražky po měsících (automaticky uloženo).xlsx
2017-05-22 15:44 - 2017-05-22 15:44 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-22 15:44 - 2017-05-22 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-22 15:43 - 2017-05-22 15:44 - 00000000 ____D C:\Program Files\iTunes
2017-05-22 15:43 - 2017-05-22 15:43 - 00000000 ____D C:\Program Files\iPod
2017-05-22 15:32 - 2017-05-22 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-21 11:37 - 2017-05-21 11:37 - 24087812 _____ C:\Users\JAG\Downloads\saudek_trailer_divx.avi
2017-05-21 10:32 - 2017-05-21 10:34 - 115290112 _____ C:\Users\JAG\Downloads\CrashPlan_4.8.2_Win64.msi
2017-05-19 15:36 - 2017-05-19 15:36 - 00042046 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Carmont.xls
2017-05-19 15:34 - 2017-05-19 15:34 - 00039436 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_MT Troliga.xls
2017-05-19 15:32 - 2017-05-19 15:32 - 00028439 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Svoboda_vzor.xlsx
2017-05-19 15:32 - 2017-05-19 15:32 - 00000165 ____H C:\Users\JAG\Downloads\~$Přehled tržeb za IČ_Svoboda_vzor.xlsx
2017-05-19 15:30 - 2017-05-19 15:30 - 00021321 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_ARRIVA sevices.xls
2017-05-19 15:28 - 2017-05-19 15:28 - 00048326 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_ANEXIA.xls
2017-05-19 15:22 - 2017-05-19 15:22 - 00043683 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_BORS.xls
2017-05-19 15:20 - 2017-05-19 15:20 - 00064207 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Vydos.xls
2017-05-19 15:12 - 2017-05-19 15:12 - 00028114 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Svoboda.xlsx
2017-05-19 15:08 - 2017-05-19 15:08 - 00042420 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Pragosxls.xls
2017-05-19 14:54 - 2017-05-19 14:54 - 00004048 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_BNF.xls
2017-05-19 14:45 - 2017-05-19 14:45 - 00041867 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_Svoboda.xls
2017-05-19 14:34 - 2017-05-24 17:24 - 00061516 _____ C:\Users\JAG\Downloads\Procenta Přiražky po měsících.xlsx
2017-05-19 14:34 - 2017-05-19 14:34 - 00000165 ____H C:\Users\JAG\Downloads\~$Procenta Přiražky po měsících.xlsx
2017-05-19 14:34 - 2017-05-19 14:34 - 00000165 ____H C:\Users\JAG\Downloads\~$Hit.xlsx
2017-05-19 14:21 - 2017-05-19 14:24 - 00033661 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_KD servis.xlsx
2017-05-19 14:21 - 2017-05-19 14:21 - 00034506 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_BusLine.xlsx
2017-05-19 12:45 - 2017-05-19 12:45 - 00056096 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_KD servis.xls
2017-05-19 12:31 - 2017-05-19 12:31 - 00051010 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_BusLine.pdf
2017-05-19 12:30 - 2017-05-19 12:30 - 00113346 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_KD servis.pdf
2017-05-19 08:54 - 2017-04-15 02:24 - 00344664 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo50-8.dll
2017-05-19 08:54 - 2017-04-15 02:23 - 00427608 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2017-05-19 08:54 - 2017-04-15 02:23 - 00064088 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2017-05-19 08:54 - 2017-04-15 02:23 - 00060504 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2017-05-19 08:54 - 2017-04-15 02:23 - 00057432 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2017-05-19 08:53 - 2017-05-19 08:53 - 00000000 ____D C:\Users\JAG\AppData\Local\Tvsukernel
2017-05-17 13:43 - 2017-05-25 16:36 - 00085175 _____ C:\Users\JAG\Downloads\Hit.xlsx
2017-05-16 17:00 - 2017-05-19 12:33 - 00062525 _____ C:\Users\JAG\Downloads\Přehled tržeb za IČ_BusLine.xls
2017-05-15 13:58 - 2017-05-15 13:58 - 00036810 _____ C:\Users\JAG\Downloads\Parametry_smart_banky_sjednane_pres_internet_banku.pdf
2017-05-15 13:56 - 2017-05-15 13:56 - 00667441 _____ C:\Users\JAG\Downloads\STM_CZ0506000000000150177653_20160630_2016000006.PDF
2017-05-15 13:56 - 2017-05-15 13:56 - 00066400 _____ C:\Users\JAG\Downloads\STM_CZ0506000000000150177653_20160729_2016000007.PDF
2017-05-15 13:55 - 2017-05-15 13:55 - 00512365 _____ C:\Users\JAG\Downloads\STM_CZ0506000000000150177653_20160531_2016000005.PDF
2017-05-15 13:51 - 2017-05-15 13:51 - 00404686 _____ C:\Users\JAG\Downloads\Potvrzeni_o_provedene_platbe_15.05.2017_01-51.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00141658 _____ C:\Users\JAG\Downloads\767846_DP_2016.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00141651 _____ C:\Users\JAG\Downloads\767846_DP_2015.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00074588 _____ C:\Users\JAG\Downloads\767846_RV_2015.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00073815 _____ C:\Users\JAG\Downloads\767846_RV_2014.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00073778 _____ C:\Users\JAG\Downloads\767846_RV_2013.pdf
2017-05-15 13:41 - 2017-05-15 13:41 - 00073769 _____ C:\Users\JAG\Downloads\767846_RV_2012.pdf
2017-05-15 13:40 - 2017-05-15 13:40 - 00072018 _____ C:\Users\JAG\Downloads\351694051367_3_1412_20170303.pdf
2017-05-15 13:40 - 2017-05-15 13:40 - 00071780 _____ C:\Users\JAG\Downloads\351694051367_4_1412_20170405.pdf
2017-05-15 13:40 - 2017-05-15 13:40 - 00070695 _____ C:\Users\JAG\Downloads\351694051367_5_1412_20170505.pdf
2017-05-15 13:40 - 2017-05-15 13:40 - 00069176 _____ C:\Users\JAG\Downloads\351620821357_5_1412_20170505.pdf
2017-05-11 15:44 - 2017-05-11 15:44 - 00095787 _____ C:\Users\JAG\Downloads\CPP_EMEA_03_2017_TEZAS_EUR_OK.xlsx
2017-05-11 12:02 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-11 12:02 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 12:02 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 12:02 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 12:02 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-11 12:02 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 12:02 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 12:02 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-11 12:02 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-11 12:02 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 12:02 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 12:02 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-11 12:02 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-11 12:02 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-11 12:02 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 12:02 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 12:02 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 12:02 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-11 12:02 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 12:02 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-11 12:02 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-11 12:02 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-11 12:02 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-11 12:02 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-11 12:02 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 12:02 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 12:02 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 12:02 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-11 12:02 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-11 12:02 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-11 12:02 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-11 12:02 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-11 12:02 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 12:02 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 12:02 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-11 12:02 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-11 12:02 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 12:02 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-11 12:02 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-11 12:02 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 12:02 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-11 12:02 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-11 12:02 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-11 12:02 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-11 12:02 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 12:02 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-11 12:02 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 12:02 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 12:02 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-11 12:02 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-11 12:02 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 12:02 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-11 12:02 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-11 12:02 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-11 12:02 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 12:02 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 12:02 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 12:02 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 12:02 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-11 12:02 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-11 12:02 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-11 12:02 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-11 12:02 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-11 12:02 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 12:02 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-11 12:02 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 12:02 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 12:02 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-11 12:02 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 12:02 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-11 12:02 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 12:02 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-11 12:02 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 12:02 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 12:02 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 12:02 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-11 12:02 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-11 12:02 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-11 12:02 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-11 12:02 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-11 12:02 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-11 12:02 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-11 12:02 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-11 12:02 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-11 12:02 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 12:02 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-11 12:02 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 12:02 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 12:02 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-11 12:02 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 12:02 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-11 12:02 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-11 12:02 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-11 12:02 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 12:02 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-11 12:02 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 12:02 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-11 12:02 - 2017-04-28 02:01 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmbclass.sys
2017-05-11 12:02 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-11 12:02 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-11 12:02 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-11 12:02 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-11 12:02 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-11 12:02 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 12:02 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-05-11 12:02 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-11 12:02 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-11 12:02 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-11 12:02 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 12:02 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 12:02 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-11 12:02 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-11 12:02 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-11 12:02 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-11 12:02 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll

ADA64

Re: Please check the log

Post by ADA64 » 30 May 2017 22:03

3) c
2017-05-11 12:02 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 12:02 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-11 12:02 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-11 12:02 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 12:02 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 12:02 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 12:02 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-11 12:02 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-11 12:02 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 12:02 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-11 12:02 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-11 12:02 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 12:02 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-11 12:02 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 12:02 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-11 12:02 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-11 12:02 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-11 12:02 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 12:02 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 12:02 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-11 12:02 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-11 12:02 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 12:02 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-11 12:02 - 2017-04-28 01:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-05-11 12:02 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-11 12:02 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 12:02 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-11 12:02 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-11 12:02 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-11 12:02 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 12:02 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-11 12:02 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-11 12:02 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 12:02 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-11 12:02 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-11 12:02 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-11 12:02 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-11 12:02 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 12:02 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-11 12:02 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-11 12:02 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 12:02 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 12:02 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-11 12:02 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-11 12:02 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 12:01 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 12:01 - 2017-04-28 02:57 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-05-11 12:01 - 2017-04-28 02:57 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-11 12:01 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 12:01 - 2017-04-28 02:57 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-05-11 12:01 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 12:01 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 12:01 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 12:01 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-11 12:01 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 12:01 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 12:01 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 12:01 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-11 12:01 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 12:01 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 12:01 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 12:01 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-11 12:01 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 12:01 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-11 12:01 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 12:01 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-11 12:01 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 12:01 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-11 12:01 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-11 12:01 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-11 12:01 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-11 12:01 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 12:01 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 12:01 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-11 12:01 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-11 12:01 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 12:01 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-11 12:01 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 12:01 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 12:01 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 12:01 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 12:01 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-11 12:01 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 12:01 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 12:01 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 12:01 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-11 12:01 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 12:01 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 12:01 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-11 12:01 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 12:01 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 12:01 - 2017-04-28 02:07 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-05-11 12:01 - 2017-04-28 02:07 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-05-11 12:01 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 12:01 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 12:01 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 12:01 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 12:01 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 12:01 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 12:01 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 12:01 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-11 12:01 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 12:01 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-11 12:01 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-11 12:01 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-11 12:01 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-11 12:01 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-11 12:01 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 12:01 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 12:01 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 12:01 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 12:01 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-11 12:01 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-11 12:01 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-11 12:01 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-11 12:01 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 12:01 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 12:01 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-11 12:01 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-11 12:01 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 12:01 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-11 12:01 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-11 12:01 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-11 12:01 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 12:01 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-11 12:01 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-11 12:01 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-11 12:01 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-11 12:01 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-11 12:01 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-11 12:01 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 12:01 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 12:01 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-11 12:01 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-11 12:01 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-11 12:01 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-11 12:01 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-11 12:01 - 2017-04-28 01:48 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-05-11 12:01 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-11 12:01 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-11 12:01 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-11 12:01 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-11 12:01 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-11 12:01 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-11 12:01 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 12:01 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-11 12:01 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-11 12:01 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-11 12:01 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-11 12:01 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 12:01 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-11 12:01 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 12:01 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 12:01 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-11 12:01 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-11 12:01 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-11 12:01 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-11 12:01 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-11 12:01 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-11 12:01 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-11 12:01 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-11 12:01 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 12:01 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 12:01 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 12:01 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-11 12:01 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-11 12:01 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 12:01 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 12:01 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 12:01 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-11 12:01 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-11 12:01 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-11 12:01 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-11 12:01 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-11 12:01 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-11 12:00 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-11 12:00 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-11 12:00 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-11 12:00 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-11 12:00 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-11 12:00 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-11 12:00 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 12:00 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-11 12:00 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-11 12:00 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-11 12:00 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 12:00 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-11 12:00 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-11 12:00 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-11 12:00 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-11 12:00 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 12:00 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-11 12:00 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-11 12:00 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-11 12:00 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-11 12:00 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-11 12:00 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-11 12:00 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-11 12:00 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-11 12:00 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 12:00 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-11 12:00 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-11 12:00 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-11 12:00 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-11 12:00 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-11 12:00 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-11 12:00 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-11 12:00 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-11 12:00 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 12:00 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-11 12:00 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-11 12:00 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 12:00 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-11 12:00 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-09 05:15 - 2017-05-09 05:15 - 00647136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamP64.dll
2017-05-09 05:15 - 2017-05-09 05:15 - 00562656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamP.dll
2017-05-03 15:42 - 2017-05-04 11:31 - 00035450 _____ C:\Users\JAG\Downloads\Plán Iveco 2017 vs 2016_II celkem.xlsx
2017-05-03 14:46 - 2017-05-03 14:46 - 00031132 _____ C:\Users\JAG\Downloads\Přehled nákupu Iveco 2016 celkem_II.xlsx
2017-05-01 10:33 - 2017-05-01 10:34 - 15913358 _____ C:\Users\JAG\Downloads\Zora-Ulla-Kesslerová-(28)-Escape-from-Women's-Prison---na-ha-(1978).avi
2017-05-01 10:30 - 2017-05-01 10:31 - 10236352 _____ C:\Users\JAG\Downloads\Zora-Ulla-Kesslerová-(28)-Escape-from-Women's-Prison---na-ha-bo-br-(1978).avi
2017-04-30 14:03 - 2017-04-30 14:12 - 105042022 _____ C:\Users\JAG\Downloads\Stuff I love III - Klixen - New Lube 2 Try - EroProfile.m4v

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-30 20:46 - 2016-08-26 10:58 - 03900234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-30 20:46 - 2016-07-17 00:25 - 01669022 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-30 20:46 - 2016-07-17 00:25 - 00461418 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-30 20:45 - 2016-11-16 12:19 - 00077949 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-05-30 20:41 - 2016-07-18 15:00 - 00000000 ___RD C:\Users\JAG\OneDrive
2017-05-30 20:41 - 2016-02-16 13:33 - 00000000 ___RD C:\Users\JAG\Disk Google
2017-05-30 20:41 - 2015-12-13 01:06 - 00000000 ____D C:\Users\JAG\AppData\Roaming\Skype
2017-05-30 20:40 - 2016-11-26 20:01 - 00000000 ___RD C:\Users\JAG\iCloudDrive
2017-05-30 20:40 - 2016-08-26 10:58 - 00000000 ____D C:\Users\JAG
2017-05-30 20:40 - 2016-08-26 10:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-30 20:40 - 2015-12-10 22:42 - 00000000 __SHD C:\Users\JAG\IntelGraphicsProfiles
2017-05-30 20:39 - 2016-08-26 11:03 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-30 20:39 - 2016-08-26 10:57 - 00000000 ____D C:\ProgramData\Synaptics
2017-05-30 20:39 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-30 20:31 - 2016-01-05 13:01 - 00000000 ____D C:\Users\JAG\Documents\Soubory aplikace Outlook
2017-05-30 20:13 - 2016-08-26 10:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-30 19:20 - 2016-11-26 20:03 - 00000000 ____D C:\Users\JAG\AppData\Local\9B3A0285-EB9C-4190-BB9F-FA03ABABC22A.aplzod
2017-05-30 14:22 - 2016-04-13 13:53 - 00000000 ____D C:\Users\JAG\AppData\Local\CrashDumps
2017-05-30 12:30 - 2017-02-14 19:47 - 00000000 ____D C:\Users\JAG\AppData\Roaming\Nitro
2017-05-29 12:15 - 2016-10-10 09:52 - 00000000 ____D C:\Users\JAG\AppData\Roaming\Telegram Desktop
2017-05-28 15:05 - 2016-02-08 11:55 - 00000000 ____D C:\Users\JAG\Downloads\Iveco_ceny
2017-05-28 14:56 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-28 14:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-27 01:57 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 23:02 - 2016-06-13 11:08 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-05-26 14:56 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2017-05-25 22:58 - 2016-07-18 14:58 - 00000000 ____D C:\Users\JAG\AppData\Local\Packages
2017-05-25 19:31 - 2016-06-06 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-24 23:57 - 2016-01-05 12:50 - 00000000 ____D C:\Users\JAG\Documents\!Personal
2017-05-24 23:14 - 2016-12-02 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology
2017-05-24 23:14 - 2016-12-02 23:10 - 00000000 ____D C:\Program Files (x86)\Synology
2017-05-24 21:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-24 20:37 - 2016-02-13 14:02 - 00000000 ____D C:\Users\JAG\AppData\Roaming\vlc
2017-05-24 16:33 - 2016-04-27 20:50 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-05-24 15:43 - 2017-02-14 19:29 - 00000000 ____D C:\ProgramData\Acronis
2017-05-24 15:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-24 15:08 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-23 14:48 - 2015-12-10 23:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 14:40 - 2015-12-10 23:53 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 12:24 - 2016-02-21 18:44 - 00000000 ____D C:\Users\JAG\AppData\Local\ESET
2017-05-19 12:00 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-19 09:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 15:25 - 2016-08-26 11:03 - 00003080 _____ C:\WINDOWS\System32\Tasks\RtsCM
2017-05-17 13:55 - 2015-08-29 14:22 - 00000000 ____D C:\ProgramData\Lenovo
2017-05-17 13:53 - 2017-03-07 17:39 - 00002303 _____ C:\Users\JAG\Desktop\Google Chrome.lnk
2017-05-17 13:53 - 2016-04-27 09:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-17 13:53 - 2015-08-29 14:52 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-05-17 13:51 - 2016-08-26 10:56 - 00397040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-17 13:49 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-17 13:49 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-16 09:30 - 2016-08-26 11:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\TVT
2017-05-16 09:29 - 2015-08-29 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-05-16 09:29 - 2015-08-29 14:59 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2017-05-11 11:37 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-11 11:19 - 2017-04-03 10:51 - 00004644 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-11 11:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-11 11:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-09 21:25 - 2015-12-10 23:41 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-09 05:16 - 2016-07-28 20:07 - 03227616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2017-05-09 05:15 - 2016-07-28 20:07 - 00225248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtsCM64.exe
2017-05-09 05:15 - 2016-07-28 20:07 - 00104416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamO64.dll
2017-05-08 00:17 - 2016-08-26 11:03 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-03 12:26 - 2017-04-05 22:31 - 00001171 _____ C:\Users\Public\Desktop\Plantronics Hub.lnk
2017-05-03 12:26 - 2017-04-05 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plantronics
2017-05-03 12:26 - 2017-04-05 22:31 - 00000000 ____D C:\Program Files (x86)\BroadSoft
2017-05-03 12:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration

==================== Files in the root of some directories =======

2016-01-24 13:06 - 2016-01-25 13:25 - 0038067 _____ () C:\Users\JAG\AppData\Roaming\Microsoft Excel 97-2003.ADR
2016-07-28 15:02 - 2015-02-06 05:32 - 0472064 _____ () C:\Users\JAG\AppData\Roaming\wanancsp.dat
2016-03-17 10:28 - 2016-03-17 10:28 - 0007623 _____ () C:\Users\JAG\AppData\Local\Resmon.ResmonCfg
2016-08-26 10:57 - 2016-08-26 10:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-19 15:18 - 2016-07-21 16:37 - 0002446 _____ () C:\ProgramData\hpzinstall.log
2016-11-21 09:26 - 2016-11-21 09:26 - 0004996 _____ () C:\ProgramData\mudtcpaz.vzs

Some files in TEMP:
====================
2017-05-28 16:55 - 2017-05-28 16:55 - 0476672 _____ () C:\Users\JAG\AppData\Local\Temp\7za.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0020480 _____ (E Dev) C:\Users\JAG\AppData\Local\Temp\DaS_21.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0388608 _____ (Trend Micro Inc.) C:\Users\JAG\AppData\Local\Temp\hijackthis.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0030720 _____ (NirSoft) C:\Users\JAG\AppData\Local\Temp\NirCmd.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0256512 _____ () C:\Users\JAG\AppData\Local\Temp\PEVZ.EXE
2017-05-28 16:55 - 2017-05-28 16:55 - 0069632 _____ () C:\Users\JAG\AppData\Local\Temp\remove.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0098816 _____ () C:\Users\JAG\AppData\Local\Temp\sed.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0057344 _____ (Optimum X) C:\Users\JAG\AppData\Local\Temp\shortcut.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0161792 _____ (SteelWerX) C:\Users\JAG\AppData\Local\Temp\swreg.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0217088 _____ (SteelWerX) C:\Users\JAG\AppData\Local\Temp\swxcacls.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0154232 _____ (Noël Danjou) C:\Users\JAG\AppData\Local\Temp\wget.exe
2017-05-28 16:55 - 2017-05-28 16:55 - 0024064 _____ () C:\Users\JAG\AppData\Local\Temp\zoek-delete.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-28 15:10

==================== End of FRST.txt ============================

