Prosím o kontrolu a vyčištění Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění-aswMBR log

Příspěvekod xjarek » 05 pro 2017 16:00

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-12-05 15:53:00
-----------------------------
15:53:00.601 OS Version: Windows x64 6.1.7601 Service Pack 1
15:53:00.601 Number of processors: 8 586 0x3C03
15:53:00.601 ComputerName: HP450 UserName: Jarin
15:53:00.757 Initialize success
15:53:00.773 VM: initialized successfully
15:53:00.773 VM: Intel CPU BiosDisabled
15:53:09.087 AVAST engine defs: 17120402
15:53:11.505 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007b
15:53:11.521 Disk 0 Vendor: Samsung_ EMT0 Size: 238475MB BusType: 11
15:53:11.537 Disk 0 MBR read successfully
15:53:11.537 Disk 0 MBR scan
15:53:11.552 Disk 0 Windows 7 default MBR code
15:53:11.552 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:53:11.552 Disk 0 default boot code
15:53:11.568 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 236317 MB offset 206848
15:53:11.568 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2056 MB offset 484184064
15:53:11.583 Disk 0 scanning C:\Windows\system32\drivers
15:53:13.409 Service scanning
15:53:17.917 Modules scanning
15:53:17.933 Disk 0 trace - called modules:
15:53:17.933 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStorF.sys SamsungRapidDiskFltr.sys storport.sys hal.dll iaStorA.sys
15:53:17.948 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800889e790]
15:53:17.964 3 CLASSPNP.SYS[fffff8800122143f] -> nt!IofCallDriver -> [0xfffffa80087a4b10]
15:53:17.964 5 hpdskflt.sys[fffff880019e042b] -> nt!IofCallDriver -> [0xfffffa80087a2900]
15:53:17.964 7 iaStorF.sys[fffff880018deab0] -> nt!IofCallDriver -> [0xfffffa80087a2dd0]
15:53:17.964 9 SamsungRapidDiskFltr.sys[fffff88001887b22] -> nt!IofCallDriver -> \Device\0000007b[0xfffffa800889c9c0]
15:53:18.120 AVAST engine scan C:\Windows
15:53:18.463 AVAST engine scan C:\Windows\system32
15:54:04.343 AVAST engine scan C:\Windows\system32\drivers
15:54:06.558 AVAST engine scan C:\Users\Jarin
15:55:07.991 AVAST engine scan C:\ProgramData
15:55:57.552 Disk 0 statistics 5439507/0/0 @ 31.27 MB/s
15:55:57.552 Scan finished successfully
15:57:31.574 Disk 0 MBR has been saved successfully to "C:\Users\Jarin\Desktop\MBR.dat"
15:57:31.574 The log file has been saved successfully to "C:\Users\Jarin\Desktop\aswMBR.txt"

+c:\users\Jarin\Documents\~peclinovsky.j@seznam.cz.pst.tmp vrátit zpět

Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu a vyčištění

Příspěvekod jaro3 » 06 pro 2017 10:00

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

DeQuarantine::
c:\users\Jarin\Documents\~peclinovsky.j@seznam.cz.pst.tmp.vir

Quit::

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění

Příspěvekod xjarek » 06 pro 2017 10:56

Jestli se tentokrát jedná jen o navrácení c:\users\Jarin\Documents\~peclinovsky.j@seznam.cz.pst.tmp.vir , tak to není nutné.
Problémy přetrvávají, jsou stále stejné. Odesílání automatizovaných dotazů z počítače nebo sítě.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu a vyčištění

Příspěvekod jaro3 » 07 pro 2017 11:45

OK , script nedělej.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění-FrSt Addition

Příspěvekod xjarek » 07 pro 2017 15:06

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2017
Ran by Jarin (07-12-2017 15:05:01)
Running from C:\Users\Jarin\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-08-07 11:49:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2452019113-1929549654-811691898-500 - Administrator - Disabled)
Guest (S-1-5-21-2452019113-1929549654-811691898-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2452019113-1929549654-811691898-1003 - Limited - Enabled)
Jarin (S-1-5-21-2452019113-1929549654-811691898-1000 - Administrator - Enabled) => C:\Users\Jarin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{B9218A36-7AD3-4046-8D77-31F51DC0D795}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.36.1601 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{57F75D04-50DF-DF75-AEF7-3889FD499B69}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{59AA411E-2A99-5E09-5054-0BC064B8AF0E}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{7E2F413A-F00F-9594-93C1-399FC2A78B80}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{3DAB607D-36A8-BFD6-C66C-D32C895CFF7F}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{18D21A5A-F64F-F473-0771-40CA23383A43}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A2E6049D-5D45-ACCB-D342-1403A6969B0A}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{8937C9B9-B633-B232-E1D4-E2B1109A84D3}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E7BA847A-41FB-EA16-BA6F-604C28351E07}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B9D2237B-128B-EA3A-E487-07732C928E65}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{12217A64-3EB7-E89D-6011-874D9E20C75A}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{49429C11-393B-C286-BBFD-D92608DA2D5B}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{4E78BAB0-11D1-2AA8-888F-457C3C3D6122}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CD61C8E9-1A33-1503-C3CB-31D694CEF1CD}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{97989A01-9EC6-8C8A-BB95-03DB4C4380A9}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{DCA60703-DC9D-3511-FF14-EF0BE6F9F0C7}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C4F8068D-5FE1-2C11-25D6-2BF70EFCDB4F}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{65E7E7FB-53AD-16B9-BBA9-CF4FAB9521E4}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9B9EF42A-2062-5C50-0030-6CDD2682C9D4}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A5AAA3A1-79C9-7869-F870-9705C3714F9E}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AC126BBD-FE46-A668-2E0F-8C6E0A20D592}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8270B6CF-A4B8-D73B-7E1D-22ADB6DD34AA}) (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Elevated Installer (HKLM-x32\...\{B85F70BE-A5A3-48A2-A790-AF6001F026E0}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{5b328687-2baf-4fb6-b6c7-c49fb4840cba}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{5F4164CE-621E-4AFD-BBFE-1BBE2299710E}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{4E9533AB-7743-4B73-A5D2-42207E159E11}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP CASL Framework (HKLM-x32\...\{5094249B-9542-4536-AE76-B769EE085C99}) (Version: 7.0.5.1 - HP)
HP Color LaserJet Pro MFP M277 (HKLM-x32\...\{7ac49734-541c-48e7-99be-02f41e43e79d}) (Version: 14.0.15343.533 - Hewlett-Packard)
HP Hotkey Support (HKLM-x32\...\{57FA60DA-585F-456A-B80E-17D1CDD22A30}) (Version: 5.0.27.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJProM277 (HKLM-x32\...\{9A337B35-06E3-4F9D-9B39-5AC9C2E7F82B}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{D904ECC8-FBED-4618-8B6A-95F3F9352136}) (Version: 3.0.26.32 - HP) Hidden
HPLJUTCore (HKLM-x32\...\{AA9C0477-A064-4D76-A0C4-A3A5A11F1D4C}) (Version: 020.000.0001 - HP) Hidden
HPLJUTM277 (HKLM-x32\...\{1FE53D6E-05EA-4D03-BB77-740C9AF03574}) (Version: 014.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM277LaserJetService (HKLM-x32\...\{3F43C468-BC22-4F88-8382-FF349E724317}) (Version: 001.034.00686 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{EACC40D7-58F4-4A7A-9786-953DC9A1850B}) (Version: 170.040.00259 - HP Development Company, L.P.) Hidden
hpStatusAlertsM277 (HKLM-x32\...\{651F24A4-7240-4598-BDA3-3F6F86005670}) (Version: 140.046.00129 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CF10F6BC-C710-4F6F-B7E1-4057699A59AA}) (Version: 12.3.6.10 - HP)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4139 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Lenovo Phone Manager (HKLM-x32\...\{63190DFB-529A-4F6E-B6E6-A207712256F4}) (Version: 1.4.1.14211 - Lenovo)
LenovoUsbDriver 1.1.33 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.33 - Lenovo)
Lifesize WebRTC plugin (HKLM-x32\...\{D259A40C-5B3C-4AFE-BA35-580E8EC07A54}) (Version: 1.0.3 - Lifesize)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes verze 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1908.118 - Trusteer)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle Studio Ultimate Collection Plugins (HKLM-x32\...\{F5C372A1-40F3-49DA-A049-F75CDE9177DC}) (Version: 14.0.0.7255 - Pinnacle Systems)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.27.3-r125362-release - Plays.tv, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1908.118 - Trusteer) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\SeznamInstall) (Version: 2.1.29 - Seznam.cz)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\Verdict Free) (Version: - )
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - Název společnosti:)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VIDEOBOARD iBoard+ verze 1.4.6 (HKLM-x32\...\{8257DB8E-C043-46B2-A8C8-7CC4911F0301}_is1) (Version: 1.4.6 - VIDEOBOARD)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2452019113-1929549654-811691898-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-12-04] ()
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-10-29] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-10-29] (Qualcomm®Atheros®)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2015-11-18] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-06-16] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-12-04] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-15] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05AB18BC-07E4-4BE8-A842-99DB1D4EEE58} - System32\Tasks\{4D7305BA-A30B-4843-A13F-B77BBE2F4B90} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {0F0550E4-2D16-435C-B437-39D0821360E3} - System32\Tasks\{BFB32684-167F-405E-AA9F-925229BD92E5} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {1487D405-B197-4B2F-BC83-C6A95AA2F358} - System32\Tasks\{EFDA16EF-C553-4786-AFFC-62D341493BFB} => E:\Nový počítač duben 2013\Nero Portable\NeroPortable.exe
Task: {17362E18-CD42-47B1-9780-0C4B91129F5D} - System32\Tasks\{37D6ACFE-A7FC-4F38-A1BF-47E3FAF5C297} => E:\Nový počítač duben 2013\Nero Portable\NeroPortable.exe
Task: {187A76F2-5291-4B5E-955A-B248AA2B69B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {2724E5E5-EF59-4B42-A395-5373767C90BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {383EF9D3-0873-4056-9DC2-56F5D2A1DF2B} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {38CD03B3-FB88-4CD8-AC37-1EB1DECA5394} - System32\Tasks\{654CD78B-2B90-44D5-9AB5-F8C9413741F8} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {5EE46EC9-2015-466C-855E-B4E4174492B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {672D5435-6F1F-4D32-BEB4-8D9AF459F5BA} - System32\Tasks\SafeZone scheduled Autoupdate 1458726176 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {71680D63-DA15-4B45-BAEC-E1D4A85EC26F} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2016-07-08] (Lenovo)
Task: {7B331BF2-89B5-4AF3-846E-626A16F57A1C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {7BB31EF6-7701-4114-9F57-FE19E24763A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {991214B3-AAFD-438D-81F4-806241262A85} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {997AE379-D739-4D60-B1FB-1B90E171153E} - System32\Tasks\{0718998C-F957-4DA9-8956-8F2E2263F18A} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {A23019EF-A2E8-4C76-AA6A-F17F83F4442B} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2015-12-05] (HP Development Company, L.P.)
Task: {D8519300-25DA-4172-8ADD-08C68430BBCE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-10-09] ()
Task: {E5A69230-CD0C-4174-A067-78A7A9AAB652} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-15] (AVAST Software)
Task: {F1F71B73-C211-4064-B5F7-D760E31D276B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {FA83AF25-AC02-4F65-A97F-7F3C61725229} - System32\Tasks\{B862F170-56AB-4CEE-8D98-6E74BE445399} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-10-20 15:38 - 2017-10-20 15:42 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-11-15 16:06 - 2017-11-15 16:06 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000169832 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000859216 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000292408 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2015-08-07 13:02 - 2015-06-16 11:20 - 000391784 _____ () C:\Windows\system32\igfxTray.exe
2017-11-07 22:13 - 2017-11-07 22:13 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-12-07 06:46 - 2017-12-06 05:24 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libglesv2.dll
2017-12-07 06:46 - 2017-12-06 05:24 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\libegl.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-12-07 14:36 - 2017-12-07 14:36 - 005892848 _____ () C:\Program Files\AVAST Software\Avast\defs\17120700\algo.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-10-09 15:12 - 2017-10-09 15:12 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-07-08 09:01 - 2016-07-08 09:01 - 000109704 _____ () C:\Program Files (x86)\MagicPlus\crashreport.dll
2016-07-08 09:01 - 2016-07-08 09:01 - 000354440 _____ () C:\Program Files (x86)\MagicPlus\UsbHelper.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 000545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-07-11 17:57 - 2017-07-11 17:57 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-15 16:06 - 2017-11-15 16:06 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 20:01 - 2017-05-04 20:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 02:38 - 2015-05-08 02:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 02:39 - 2015-05-08 02:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 22:59 - 2015-11-13 22:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 22:59 - 2015-11-13 22:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-11-13 22:58 - 2015-11-13 22:58 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-11-07 22:13 - 2017-11-07 22:13 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-11-07 22:13 - 2017-11-07 22:13 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-11-07 22:13 - 2017-11-07 22:13 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 02:42 - 2015-11-11 02:42 - 001045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-08-07 15:45 - 2014-09-28 16:59 - 000019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-05-08 02:39 - 2015-05-08 02:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 18:33 - 2017-05-04 18:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 02:55 - 2015-05-08 02:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-12-05 15:35 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2452019113-1929549654-811691898-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3CA32BFD-466D-414C-96D6-CA7AAD85FA0F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{969F4BE0-7095-42ED-984E-8C259EE5B5F5}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{25332F16-D91B-46C0-8245-9538501A3553}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{D13E4792-577E-44F2-9937-E50B9ADC869D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{F26A44E1-54A0-4E34-89B5-753B6F05911A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{EDF7F560-019A-41AD-ACE1-53E43D3CF504}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [TCP Query User{C9B5FC1A-7234-4624-B020-BCC73E4052A6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{79F4BAF3-4BBB-4D43-A706-2FB7FAEE6030}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{4CFC831B-C249-4AD0-B56D-C34825F4213C}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{0B088C6F-48EB-4395-9CF8-55083BE926E5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{6C6DE6EB-B5C9-4FA9-95CF-FEB34A19FAE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{94633252-EADF-41C5-B89F-3BACC1233F1D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D37BE10E-E6D0-4BC5-8AAB-475CFABE910A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{CA25EF23-F9C7-47F5-BC42-015A3BBCA67E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E273CB00-993C-4A24-A953-7917D9526986}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{BD229A59-1D7D-4468-9609-C36E97871246}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\SendAFax.exe
FirewallRules: [{4FE270EE-4827-4455-B900-C85D7E514FF9}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\FaxPrinterUtility.exe
FirewallRules: [{63EBC0A9-6BAE-4161-AF95-5B0284EA2ACE}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{804EC638-D572-40A5-BA32-E68C1C201722}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{66F65FD7-46F3-4070-9F88-CB91F9AA893C}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\DigitalWizards.exe
FirewallRules: [{8DE2DE4C-7FDC-4FDC-8D47-2BC228B3BCBB}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\FaxApplications.exe
FirewallRules: [{32D6CB0E-D8B2-4733-AF2E-11B7AC304F07}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\EWSProxy.exe
FirewallRules: [{4FD95E76-9668-471C-834D-A98480452D69}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{46176BEE-6BBD-4F65-A478-ED3F7C209961}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B30F3A95-ECE3-455B-AAA6-AA807F82AD2A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{2A0D8E0E-3012-4BDC-9136-0D7870FED061}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D26289EB-D4AC-4691-B309-54F988662479}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{CDBA74D7-7E68-49FF-8E58-06A2165C9346}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{75212578-FCD6-4FB0-8369-6548C010BE5C}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{10A6CC8B-FB9B-4BD9-971D-646C1BF47D64}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{0CBC77A7-ECBD-4074-AF2E-C562F7D51B24}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{6050E4E1-F481-47A1-BFC6-CB7549B3DEDB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{77CDD1B3-9E9B-4726-B31E-FF3ACA4E017F}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{BBAEE58A-F1D4-4636-8CF0-5B8381094814}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [{548319D3-C502-4B9F-82FC-563A67E2452F}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{38DB46E9-6852-49D6-B514-BA4AEE575280}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe
FirewallRules: [UDP Query User{1786E098-3C68-4AB0-9850-57D9D388FCE3}C:\program files (x86)\magicplus\magicplus.exe] => (Allow) C:\program files (x86)\magicplus\magicplus.exe
FirewallRules: [{6FAEF81A-0DC9-4391-B609-B839BBE83A41}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{19D69985-239F-40AC-8E3A-B24217759B39}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{C02D409C-8614-4FA7-A15D-DCFA508B291B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

07-12-2017 14:38:54 ComboFix created restore point

==================== Faulty Device Manager Devices =============

Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2017 03:00:45 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x80070015.

Error: (12/07/2017 03:00:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (12/07/2017 03:01:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/07/2017 03:00:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/07/2017 03:00:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (12/07/2017 02:59:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/07/2017 02:45:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/07/2017 02:45:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/07/2017 02:42:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/07/2017 02:42:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/07/2017 02:40:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/07/2017 09:26:08 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní chyby: 10


CodeIntegrity:
===================================
Date: 2017-12-05 15:14:05.172
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-05 15:14:05.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-05 15:14:05.016
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-05 15:14:04.954
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-05 07:29:59.887
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-05 07:29:59.811
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 52%
Total physical RAM: 8073.11 MB
Available physical RAM: 3801.76 MB
Total Virtual: 16144.4 MB
Available Virtual: 10895.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230.78 GB) (Free:114.95 GB) NTFS
Drive f: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.51 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E8F83888)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End of Addition.txt ============================

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění-FrSt log

Příspěvekod xjarek » 07 pro 2017 15:08

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2017
Ran by Jarin (administrator) on HP450 (07-12-2017 15:04:26)
Running from C:\Users\Jarin\Downloads
Loaded Profiles: Jarin (Available Profiles: Jarin)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-15] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-11-07] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-07-08] (Lenovo)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom)
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\IBOARD\VBSScz\VBSS.scr [74752 2013-01-02] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
BootExecute: autocheck autochk * native.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{06585950-912D-4468-90E2-7B0455D4C693}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FA6D5012-397D-4915-94D0-C8B4D0330678}: [DhcpNameServer] 192.168.1.100

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2452019113-1929549654-811691898-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {0B904C98-9AB8-496A-BD0C-876550EB3E57} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {43557605-E782-42CF-8A8E-CF7E86A9BDF2} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {58AB4420-42D7-4824-B445-BACDFD944DC0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {5B973B80-6F74-4D19-AF47-1E7F80AAA226} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {6648816D-59D2-413F-A24D-1291A3383673} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {6F36F8A9-10C9-4D63-AA98-446371E8742E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {923ADF93-8C0B-441E-9664-0B2E98016CD3} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {A338C488-C9AF-4647-94B8-ED746BF79FEC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-15] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-15] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)

FireFox:
========
FF DefaultProfile: unzhbhm6.default
FF ProfilePath: C:\Users\Jarin\AppData\Roaming\TomTom\HOME\Profiles\bhnrf5vk.default [2017-12-04]
FF Homepage: TomTom\HOME\Profiles\bhnrf5vk.default -> about:home
FF NewTab: TomTom\HOME\Profiles\bhnrf5vk.default -> about:newtab
FF ProfilePath: C:\Users\Jarin\AppData\Roaming\Mozilla\Firefox\Profiles\unzhbhm6.default [2017-12-07]
FF Homepage: Mozilla\Firefox\Profiles\unzhbhm6.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\unzhbhm6.default -> about:newtab
FF Extension: (IBM Security Rapport) - C:\Users\Jarin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2017-12-04]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Jarin\AppData\Roaming\Mozilla\Firefox\Profiles\unzhbhm6.default\Extensions\sko-extension@firma.seznam.cz [2017-12-04]
FF Extension: (Avast SafePrice) - C:\Users\Jarin\AppData\Roaming\Mozilla\Firefox\Profiles\unzhbhm6.default\Extensions\sp@avast.com.xpi [2017-07-11]
FF SearchPlugin: C:\Users\Jarin\AppData\Roaming\Mozilla\Firefox\Profiles\unzhbhm6.default\searchplugins\google-avast.xml [2017-08-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-15] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-15] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-2452019113-1929549654-811691898-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Jarin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
FF Plugin HKU\S-1-5-21-2452019113-1929549654-811691898-1000: Lifesize.com.sg/LSWebRTCPlugin -> C:\Users\Jarin\AppData\Roaming\LS\Lifesize WebRTC plugin\1.0.3\npLSWebRTCPlugin.dll [2015-01-29] (Lifesize)

Chrome:
=======
CHR Profile: C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default [2017-12-07]
CHR Extension: (Dokumenty) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-04]
CHR Extension: (Disk Google) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-04]
CHR Extension: (YouTube) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-04]
CHR Extension: (Avast Online Security) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-04]
CHR Extension: (Gmail) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-04]
CHR Profile: C:\Users\Jarin\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-07]
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-15] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-29] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-15] (AVAST Software)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [369720 2017-08-16] (BlueStack Systems, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-04-18] (HP)
R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-06-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-11-07] (Copyright (c) 2017 Plays.tv, LLC)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5305328 2017-12-03] (IBM Corp.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-29] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-15] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-15] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-15] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-15] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-15] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-15] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2017-06-21] (Bluestack System Inc. )
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-10-29] (Qualcomm Atheros)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2017-12-04] (Malwarebytes)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [489616 2017-12-03] (IBM Corp.)
R1 RapportCerberus_1908100; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908100.sys [1635392 2017-12-04] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [703056 2017-12-03] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [338384 2017-12-03] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [597968 2017-12-03] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [743568 2017-12-03] (IBM Corp.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-12-04] (Zemana Ltd.)
S3 BtAudioBusSrv; System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; System32\Drivers\BtL2caScoIf.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-07 15:04 - 2017-12-07 15:04 - 000024700 _____ C:\Users\Jarin\Downloads\FRST.txt
2017-12-07 15:04 - 2017-12-07 15:04 - 000000000 ___DC C:\FRST
2017-12-07 15:03 - 2017-12-07 15:03 - 000001428 _____ C:\Users\Jarin\Desktop\FRST64 – zástupce.lnk
2017-12-07 15:02 - 2017-12-07 15:03 - 002390528 _____ (Farbar) C:\Users\Jarin\Downloads\FRST64.exe
2017-12-07 14:58 - 2017-12-07 14:58 - 000001397 _____ C:\Users\Jarin\Desktop\OTC – zástupce.lnk
2017-12-07 14:53 - 2017-12-07 14:53 - 000011762 _____ C:\Users\Jarin\Desktop\cc_20171207_145324.reg
2017-12-07 14:45 - 2017-12-07 14:45 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2017-12-07 14:45 - 2017-12-07 14:45 - 000002784 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-12-07 14:45 - 2017-12-07 14:45 - 000000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-12-07 14:45 - 2017-12-07 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-07 14:44 - 2017-12-07 14:44 - 010849904 _____ (Piriform Ltd) C:\Users\Jarin\Downloads\ccsetup537 (2).exe
2017-12-06 16:07 - 2017-12-06 16:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-06 13:23 - 2017-12-06 13:23 - 000133095 _____ C:\Users\Jarin\Downloads\BonusCZ2017030026088219.pdf
2017-12-06 07:19 - 2017-12-07 14:48 - 000000000 ____D C:\Users\Jarin\AppData\Local\CrashDumps
2017-12-05 15:57 - 2017-12-05 15:57 - 000000512 _____ C:\Users\Jarin\Desktop\MBR.dat
2017-12-05 15:52 - 2017-12-05 15:52 - 000001428 _____ C:\Users\Jarin\Desktop\aswmbr – zástupce.lnk
2017-12-05 15:47 - 2017-12-05 15:48 - 000001067 _____ C:\Users\Jarin\Desktop\HiJackThis – zástupce.lnk
2017-12-05 07:19 - 2017-12-07 14:38 - 000000000 ____D C:\Windows\erdnt
2017-12-04 19:12 - 2017-12-04 19:12 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2017-12-04 19:12 - 2017-12-04 19:12 - 000001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-12-04 19:12 - 2017-12-04 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-12-04 19:11 - 2017-12-04 20:09 - 000001644 _____ C:\Users\Jarin\Desktop\Zemana.AntiMalware.Setup (1) – zástupce.lnk
2017-12-04 19:11 - 2017-12-04 19:11 - 006625600 _____ (Zemana Ltd. ) C:\Users\Jarin\Downloads\Zemana.AntiMalware.Setup (1).exe
2017-12-04 19:04 - 2017-12-04 19:00 - 000024064 _____ C:\Windows\zoek-delete.exe
2017-12-04 18:53 - 2017-12-07 15:04 - 000059408 _____ C:\Windows\ZAM.krnl.trace
2017-12-04 18:53 - 2017-12-04 20:08 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-12-04 18:53 - 2017-12-04 20:07 - 000061881 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-12-04 18:53 - 2017-12-04 18:53 - 000000000 ____D C:\Users\Jarin\AppData\Local\Zemana
2017-12-04 18:43 - 2017-12-04 18:46 - 000000000 ___DC C:\zoek_backup
2017-12-04 18:42 - 2017-12-04 18:42 - 001313792 _____ C:\Users\Jarin\Downloads\zoek.exe
2017-12-04 14:02 - 2017-12-04 14:02 - 000000000 ____D C:\Users\Jarin\AppData\Local\Adobe
2017-12-04 14:01 - 2017-12-04 14:01 - 000087497 _____ C:\Users\Jarin\Desktop\Pojištění Multirisk.PDF
2017-12-04 14:00 - 2017-12-04 14:00 - 000087497 _____ C:\Users\Jarin\Downloads\535437526.PDF
2017-12-04 11:31 - 2017-12-04 11:32 - 022468168 _____ (Adlice Software) C:\Users\Jarin\Downloads\RogueKiller_portable32.exe
2017-12-04 10:29 - 2017-12-04 18:14 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-12-04 10:28 - 2017-12-04 18:43 - 000000000 ____D C:\ProgramData\RogueKiller
2017-12-04 10:27 - 2017-12-04 10:28 - 026848328 _____ (Adlice Software) C:\Users\Jarin\Downloads\RogueKiller_portable64.exe
2017-12-04 09:46 - 2017-12-04 09:46 - 000000000 ____D C:\ProgramData\Sophos
2017-12-04 09:45 - 2017-12-04 09:45 - 000002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-12-04 09:45 - 2017-12-04 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-12-04 09:45 - 2017-12-04 09:45 - 000000000 ____D C:\Program Files (x86)\Sophos
2017-12-04 09:39 - 2017-12-04 09:43 - 183163664 _____ (Sophos Limited) C:\Users\Jarin\Downloads\Sophos Virus Removal Tool.exe
2017-12-04 09:33 - 2017-12-04 09:33 - 000003994 _____ C:\Users\Jarin\Desktop\JRT.txt
2017-12-04 09:28 - 2017-12-04 09:28 - 001790024 _____ (Malwarebytes) C:\Users\Jarin\Downloads\JRT.exe
2017-12-03 20:19 - 2017-12-03 20:19 - 000000000 ____D C:\Users\Jarin\AppData\Local\CEF
2017-12-03 20:18 - 2017-12-03 20:18 - 000000000 ____D C:\Users\Jarin\AppData\Local\BMExplorer
2017-12-03 20:17 - 2017-12-03 20:17 - 000000000 ____D C:\Users\Jarin\AppData\Local\AMD
2017-12-03 20:11 - 2017-12-03 15:04 - 008172032 _____ (Malwarebytes) C:\Users\Jarin\Downloads\AdwCleaner.exe
2017-12-03 19:07 - 2017-12-03 19:08 - 007528488 _____ C:\Users\Jarin\Downloads\ATF-Cleaner.exe
2017-12-03 15:53 - 2017-12-03 17:00 - 000012710 ____C C:\Windows\system32\Native.exe
2017-12-03 15:04 - 2017-12-03 20:16 - 000000000 ___DC C:\AdwCleaner
2017-12-03 14:58 - 2017-12-03 14:58 - 000142752 _____ C:\Users\Jarin\AppData\Local\GDIPFONTCACHEV1.DAT
2017-12-03 14:56 - 2017-12-03 14:56 - 000493296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-03 14:54 - 2017-12-03 14:54 - 000448512 _____ (OldTimer Tools) C:\Users\Jarin\Downloads\TFC.exe
2017-12-03 13:29 - 2017-12-03 13:29 - 007881808 _____ C:\Users\Jarin\Downloads\HiJackThis.exe
2017-11-23 12:12 - 2017-11-23 12:12 - 000114083 _____ C:\Users\Jarin\Downloads\Faktura - daňový doklad.pdf
2017-11-21 06:56 - 2017-11-21 06:56 - 010849904 _____ (Piriform Ltd) C:\Users\Jarin\Downloads\ccsetup537.exe
2017-11-16 07:05 - 2017-11-16 07:05 - 000045704 _____ () C:\Windows\system32\Drivers\staport.sys
2017-11-15 16:07 - 2017-11-15 16:06 - 000365168 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-11-15 16:07 - 2017-11-15 16:06 - 000183584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2017-11-15 06:54 - 2017-10-18 08:31 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-15 06:54 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-15 06:54 - 2017-10-18 03:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 06:54 - 2017-10-18 03:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-15 06:54 - 2017-10-17 00:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-15 06:54 - 2017-10-16 23:34 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-15 06:54 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-15 06:54 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-15 06:54 - 2017-10-14 09:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-15 06:54 - 2017-10-14 09:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 06:54 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-15 06:54 - 2017-10-14 09:12 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-15 06:54 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-15 06:54 - 2017-10-14 09:11 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-15 06:54 - 2017-10-14 09:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-15 06:54 - 2017-10-14 09:11 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-15 06:54 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-15 06:54 - 2017-10-14 09:05 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-15 06:54 - 2017-10-14 09:04 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-15 06:54 - 2017-10-14 09:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-15 06:54 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-15 06:54 - 2017-10-14 09:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-15 06:54 - 2017-10-14 09:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-15 06:54 - 2017-10-14 09:00 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-15 06:54 - 2017-10-14 08:55 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 06:54 - 2017-10-14 08:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-15 06:54 - 2017-10-14 08:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-15 06:54 - 2017-10-14 08:47 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 06:54 - 2017-10-14 08:46 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-15 06:54 - 2017-10-14 08:43 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-15 06:54 - 2017-10-14 08:43 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-15 06:54 - 2017-10-14 08:41 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-15 06:54 - 2017-10-14 08:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-15 06:54 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-15 06:54 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-15 06:54 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-15 06:54 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-15 06:54 - 2017-10-14 08:28 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-15 06:54 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-15 06:54 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-15 06:54 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-15 06:54 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-15 06:54 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-11-15 06:54 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-15 06:54 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-15 06:54 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-11-15 06:54 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-11-15 06:54 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-11-15 06:54 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-11-15 06:54 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-15 06:54 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-11-15 06:54 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-11-15 06:54 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-11-15 06:54 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-15 06:54 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-11-15 06:54 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-11-15 06:54 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-11-15 06:54 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-11-15 06:54 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-11-15 06:54 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-11-15 06:54 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-15 06:54 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-11-15 06:54 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-11-15 06:54 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-11-15 06:54 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-11-15 06:54 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-15 06:54 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-15 06:54 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-15 06:54 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-15 06:54 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-11-15 06:54 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-15 06:54 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-15 06:54 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-15 06:54 - 2017-10-12 01:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 014635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-15 06:54 - 2017-10-12 01:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-15 06:54 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-15 06:54 - 2017-10-12 01:55 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-15 06:54 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-11-15 06:54 - 2017-10-12 01:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-15 06:54 - 2017-10-12 01:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 06:54 - 2017-10-12 01:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-15 06:54 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2017-11-15 06:54 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-11-15 06:54 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-11-15 06:54 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-11-15 06:54 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-11-15 06:54 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-11-15 06:54 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-11-15 06:54 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2017-11-15 06:54 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2017-11-15 06:54 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2017-11-15 06:54 - 2017-10-12 01:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-15 06:54 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-15 06:54 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-15 06:52 - 2017-10-18 03:34 - 000134376 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-15 06:52 - 2017-10-18 03:30 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-15 06:52 - 2017-10-15 23:04 - 000407392 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-15 06:52 - 2017-10-04 14:04 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-15 06:52 - 2017-10-04 14:04 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-10 17:58 - 2017-12-04 09:19 - 000009281 _____ C:\Users\Jarin\Desktop\Útrata mBank.xlsx
2017-11-07 08:25 - 2017-12-07 06:46 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-07 15:01 - 2015-08-08 12:18 - 000000000 ____D C:\Users\Jarin\AppData\Roaming\Raptr
2017-12-07 15:00 - 2016-03-07 06:41 - 000000000 ____D C:\Users\Jarin\AppData\Roaming\PlaysTV
2017-12-07 15:00 - 2015-08-07 13:26 - 000000000 __SHD C:\Users\Jarin\IntelGraphicsProfiles
2017-12-07 15:00 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-07 15:00 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-12-07 14:45 - 2017-11-02 09:56 - 000000000 ____D C:\Program Files\CCleaner
2017-12-07 14:28 - 2011-04-12 09:34 - 001404502 _____ C:\Windows\system32\perfh005.dat
2017-12-07 14:28 - 2011-04-12 09:34 - 000398152 _____ C:\Windows\system32\perfc005.dat
2017-12-07 14:28 - 2009-07-14 06:13 - 000006686 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-07 11:44 - 2015-08-20 12:02 - 000000000 ____D C:\Users\Jarin\Documents\VBDataiBoardcz
2017-12-07 06:43 - 2009-07-14 05:45 - 000032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-07 06:43 - 2009-07-14 05:45 - 000032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-06 16:07 - 2015-12-03 19:53 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-12-05 15:52 - 2016-06-23 13:37 - 000000000 ____D C:\Users\Jarin\AppData\Roaming\Seznam.cz
2017-12-05 15:35 - 2009-07-14 03:34 - 000000215 ____C C:\Windows\system.ini
2017-12-05 10:39 - 2017-03-18 03:11 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-12-04 19:16 - 2015-08-07 12:49 - 000000000 ____D C:\Users\Jarin
2017-12-04 13:56 - 2017-04-06 16:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-04 13:54 - 2015-08-07 13:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-04 10:58 - 2015-09-26 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2017-12-04 09:17 - 2015-12-06 14:23 - 000013433 _____ C:\Users\Jarin\Desktop\PRAVE objednávky.xlsx
2017-12-04 06:38 - 2017-10-21 05:43 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2017-12-03 12:58 - 2015-09-26 13:25 - 000597968 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2017-12-03 12:58 - 2015-09-26 13:25 - 000338384 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2017-12-03 12:36 - 2017-09-03 15:07 - 000000000 ____D C:\Windows\Minidump
2017-12-03 08:36 - 2015-08-10 07:26 - 009330176 _____ C:\Users\Jarin\Desktop\stav uctu.xls
2017-12-03 08:08 - 2015-08-08 12:29 - 000000000 ____D C:\Users\Jarin\AppData\Roaming\Skype
2017-11-26 14:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-11-21 14:21 - 2017-03-17 11:44 - 000000000 ____D C:\Users\Jarin\AppData\LocalLow\Adobe
2017-11-16 12:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-11-16 06:56 - 2015-08-08 08:46 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-15 18:41 - 2015-08-10 08:42 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-15 18:41 - 2015-08-10 08:42 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 16:07 - 2015-08-07 13:31 - 000455376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-11-15 16:06 - 2017-03-18 03:11 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-11-15 16:06 - 2017-03-18 03:11 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-11-15 16:06 - 2017-03-18 03:11 - 000198968 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-11-15 16:06 - 2017-03-18 03:11 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 001026232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000455384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys.151075843784303
2017-11-15 16:06 - 2015-08-07 13:31 - 000364464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000203976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000148288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-11-15 16:06 - 2015-08-07 13:31 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-11-14 14:33 - 2015-08-07 13:59 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-11-14 14:33 - 2015-08-07 13:59 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 14:33 - 2015-08-07 13:59 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-11-14 14:33 - 2015-08-07 13:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-14 14:33 - 2015-08-07 13:59 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-14 11:04 - 2015-08-08 12:29 - 000000000 ____D C:\ProgramData\Skype
2017-11-09 16:18 - 2015-08-10 07:26 - 000000000 ____D C:\Users\Jarin\Documents\KBCertifikat
2017-11-07 08:25 - 2015-08-07 16:02 - 000000000 ____D C:\Users\Jarin\AppData\Local\Google
2017-11-07 08:25 - 2015-08-07 16:02 - 000000000 ____D C:\Program Files (x86)\Google

==================== Files in the root of some directories =======

2017-02-19 15:32 - 2017-02-19 15:53 - 000003584 _____ () C:\Users\Jarin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-29 08:18

==================== End of FRST.txt ============================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu a vyčištění

Příspěvekod jaro3 » 07 pro 2017 18:55

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {5EE46EC9-2015-466C-855E-B4E4174492B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {F1F71B73-C211-4064-B5F7-D760E31D276B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {0B904C98-9AB8-496A-BD0C-876550EB3E57} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {43557605-E782-42CF-8A8E-CF7E86A9BDF2} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {58AB4420-42D7-4824-B445-BACDFD944DC0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {5B973B80-6F74-4D19-AF47-1E7F80AAA226} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {6648816D-59D2-413F-A24D-1291A3383673} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {6F36F8A9-10C9-4D63-AA98-446371E8742E} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {923ADF93-8C0B-441E-9664-0B2E98016CD3} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2452019113-1929549654-811691898-1000 -> {A338C488-C9AF-4647-94B8-ED746BF79FEC} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-2452019113-1929549654-811691898-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Jarin\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2452019113-1929549654-811691898-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\system32\Drivers\staport.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
Kontext: aplikace Windows, katalog SystemIndex
Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)
Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/07/2017 03:00:30 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.



Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM , změň na 2048.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění

Příspěvekod xjarek » 08 pro 2017 14:06

Ahoj, samozřejmě to udělám, ale zdá se, že tento počítač to nedělá. Dcera dnes nezapla počítač a doteď se ten problém neobjevil, takže to vypadá na něj. Pošlu Ti HTJ jejího počítače.

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění-HJT dcery

Příspěvekod xjarek » 08 pro 2017 15:04

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:56, on 08.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
C:\Users\lenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
F:\Čisticí programy\HiJackThis.exe
C:\Users\lenka\AppData\Local\Temp\nsc428C.tmp\setupHiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HRTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?Link ... id=UE03DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\lenka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem25.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine (SecureLine) - Unknown owner - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu a vyčištění

Příspěvekod jaro3 » 08 pro 2017 17:58

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Další odkazy:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění-DelFix

Příspěvekod xjarek » 09 pro 2017 07:33

# DelFix v1.013 - Logfile created 09/12/2017 at 07:28:46
# Updated 17/04/2016 by Xplode
# Username : lenka - LAPTOP-DAKP9TRQ
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...


~ Cleaning system restore ...

Deleted : RP #24 [Naplánovaný kontrolní bod | 10/25/2017 16:43:01]
Deleted : RP #25 [Naplánovaný kontrolní bod | 11/09/2017 12:48:54]
Deleted : RP #26 [Windows Update | 11/15/2017 04:56:02]
Deleted : RP #29 [1.10.2017 | 12/05/2017 07:21:03]
Deleted : RP #30 [Operace obnovení | 12/05/2017 07:24:07]

New restore point created !

########## - EOF - ##########

xjarek
nováček
Příspěvky: 36
Registrován: prosinec 17
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu a vyčištění

Příspěvekod xjarek » 09 pro 2017 15:26

Tak bohužel, problém pokračuje, musel jsem na to čištění ten dceřin počítač zapnout a po cca půl hodině se to vyskytuje znovu.
Od včerejška se ale problém neobjevil (když byl její počítač vypnutý).
Nepomohlo by přeinstalovat Windows ?


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Google [Bot] a 10 hostů