Nežádoucí reklama. Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Nežádoucí reklama.

Příspěvekod efendi7 » 23 zář 2018 18:50

Dobrý den,

bezprostředně po načtení systému se samovolně otevře prohlížeč a v něm reklama. Adfly. Po té se ještě pokusí cosi stáhnout (3x), ale to antivir naštěstí zablokuje. Žádné volně dostupné softwary neodhalily žádnou chybu. Proto prosím o pomoc Vás. Děkuji za odpověď.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:44:09, on 23.09.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\HP\HP Velocity\systray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Users\hp\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPNotifications] C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\hp\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\hp\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\hp\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\hp\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Global Startup: HP Velocity.lnk = ?
O4 - Global Startup: NonSteam.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
O23 - Service: CxAudioSvc - Conexant Systems, Inc - C:\WINDOWS\CxSvc\CxAudioSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\WINDOWS\CxSvc\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Služba DigitalPersona Authentication Service (DpHost) - Crossmatch, Inc. - c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: @oem34.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc (fpCsEvtSvc) - Unknown owner - C:\WINDOWS\system32\fpCSEvtSvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP WorkWise (HPWorkWise) - HP - C:\Program Files (x86)\HP\HP WorkWise\HPWorkWiseService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem116.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2018 (mitsijm2018) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @oem34.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 16931 bytes

Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod jaro3 » 24 zář 2018 21:11

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware na plochu , nainstaluj a spusť ho
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Spustit skenování
- po proběhnutí skenu se ti objeví hláška vpravo dole, tak klikni na Zobrazit zprávu a vyber Export a vyber Kopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází v programu po kliknutí na „Zprávy“ , nebo je uložen zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 26 zář 2018 11:32

Dobrý den,

především díky za Vaší odpověď. Postupoval jsem dle Vašich instrukcí.

Program AdwCleaner našel jednu hrozbu:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-26-2018
# Duration: 00:00:08
# OS: Windows 10 Pro
# Scanned: 41933
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Banggood banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

AdwCleaner[S00].txt - [1311 octets] - [26/09/2018 11:15:26]
AdwCleaner[C00].txt - [1457 octets] - [26/09/2018 11:17:05]


Program Malwarebytes nenašel nic:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 26.09.18
Čas skenování: 11:22
Logovací soubor: b3e49cca-c16d-11e8-9885-48ba4e55d5a6.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.463
Aktualizovat verzi balíku komponent: 1.0.7019
Licence: Bezplatný

-Systémová informace-
OS: Windows 10 (Build 17134.286)
CPU: x64
Systém souborů: NTFS
Uživatel: HP-PROBOOK-440G\hp

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 346622
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 1 min, 44 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)


Jak mám postupovat dále? Děkuji

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod jaro3 » 26 zář 2018 17:48

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Skenování“ , po prohledání klikni na „ Čištění

Program provede opravu, po automatickém restartu klikni na „Log soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 01 říj 2018 10:21

Dobrý den,

dále jsem postupoval dle Vašich rad. Problém bohužel stále přetrvává. :-(

Přidávám několik logů z použitých programů:

AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-01-2018
# Duration: 00:00:12
# OS: Windows 10 Pro
# Scanned: 41933
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Banggood banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1311 octets] - [26/09/2018 11:15:26]
AdwCleaner[C00].txt - [1457 octets] - [26/09/2018 11:17:05]
AdwCleaner[S01].txt - [1370 octets] - [26/09/2018 11:20:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by hp (Administrator) on 01.10.2018 at 8:05:36,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.10.2018 at 8:07:38,51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller:
RogueKiller V12.13.2.0 (x64) [Sep 24 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.17134) 64 bits version
Spuštěno : Normální režim
Uživatel : hp [Práva správce]
Started from : C:\Users\hp\Downloads\RogueKiller_portable64.exe
Mód : Prohledat -- Datum : 10/01/2018 09:48:34 (Duration : 00:21:11)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Keylog.Gen0][Soubor] C:\Windows\System32\MicTray64.exe -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: INTEL SSDSCKKF256H6H +++++
--- User ---
[MBR] b23fe035a5ffcd01a07a9303e5052d92
[BSP] e6184a5617131a6c5c2dace9bf2da49c : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 360 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 739328 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1001472 | Size: 225246 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 462305280 | Size: 980 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 464312320 | Size: 17478 MB
User = LL1 ... OK
User = LL2 ... OK

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod jaro3 » 01 říj 2018 20:32

Advcleaner: nedal si odstranit:
PUP.Optional.Banggood banggood.com

znovu:
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce
klikni na „Skenování“ , po prohledání klikni na „ Čištění

Program provede opravu, po automatickém restartu klikni na „Log soubor“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 02 říj 2018 11:55

ADWCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-02-2018
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************
RogueKiller:

RogueKiller V12.13.2.0 (x64) [Sep 24 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.17134) 64 bits version
Spuštěno : Normální režim
Uživatel : hp [Práva správce]
Started from : C:\Users\hp\Desktop\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 10/02/2018 09:14:54 (Duration : 00:28:54)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)

¤¤¤ Úlohy : 1 ¤¤¤
[Keylog.Gen0] \Microsoft\Windows\Conexant\MicTray -- "C:\Windows\System32\MicTray64.exe" -> Smazáno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: INTEL SSDSCKKF256H6H +++++
--- User ---
[MBR] b23fe035a5ffcd01a07a9303e5052d92
[BSP] e6184a5617131a6c5c2dace9bf2da49c : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 360 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 739328 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1001472 | Size: 225246 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 462305280 | Size: 980 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 464312320 | Size: 17478 MB
User = LL1 ... OK
User = LL2 ... OK

Zemana AntiMalware:

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2018.10.2
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
BIOS Mode : UEFI
CUID : 125190B2F9F05C40E02F8E
Scan Type : Skenování systému
Duration : 1m 54s
Scanned Objects : 148955
Detected Objects : 3
Excluded Objects : 0
Read Level : Normal
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

wszndesktop.exe
Status : Skenováno
Object : %appdata%\seznam.cz\bin\wszndesktop.exe
MD5 : F417B21647412D6FE712CA715351FFB1
Publisher : Seznam.cz, a.s.
Size : 109808
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %appdata%\seznam.cz\bin\wszndesktop.exe
Záznam registru - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\cz.seznam.software.szndesktop = "C:\Users\hp\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

szninstall.exe
Status : Skenováno
Object : %appdata%\seznam.cz\szninstall.exe
MD5 : C73E94B86ED9B6BDFF199BB7E8BF9D77
Publisher : Seznam.cz, a.s.
Size : 1069296
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %appdata%\seznam.cz\szninstall.exe
Záznam registru - HKCU\Software\Microsoft\Windows\CurrentVersion\Run\cz.seznam.software.autoupdate = "C:\Users\hp\AppData\Roaming\Seznam.cz\szninstall.exe" -c

szninstall.exe
Status : Skenováno
Object : %programfiles%\seznam.cz\distribution\szninstall.exe
MD5 : C73E94B86ED9B6BDFF199BB7E8BF9D77
Publisher : Seznam.cz, a.s.
Size : 1069296
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %programfiles%\seznam.cz\distribution\szninstall.exe
Záznam registru - HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\seznam-listicka-distribuce = "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate


Cleaning Result
-------------------------------------------------------
Cleaned : 3
Reported as safe : 0
Failed : 0

HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:54, on 02.10.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\HP\HP Velocity\systray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Users\hp\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HPNotifications] C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\hp\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\hp\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: HP Velocity.lnk = ?
O4 - Global Startup: NonSteam.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 18.0.0 (AVP18.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
O23 - Service: CxAudioSvc - Conexant Systems, Inc - C:\WINDOWS\CxSvc\CxAudioSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\WINDOWS\CxSvc\CxUtilSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Služba DigitalPersona Authentication Service (DpHost) - Crossmatch, Inc. - c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Auditování/zamknutí zařízení nástroje HP (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: @oem34.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc (fpCsEvtSvc) - Unknown owner - C:\WINDOWS\system32\fpCSEvtSvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - HP - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HP WorkWise (HPWorkWise) - HP - C:\Program Files (x86)\HP\HP WorkWise\HPWorkWiseService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem116.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
O23 - Service: Intel(R) TPM Provisioning Service - Intel(R) Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Unknown owner - C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: klvssbridge64_18.0.0 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe
O23 - Service: Služba Kaspersky Secure Connection 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2018 (mitsijm2018) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @oem34.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 15794 bytes


Dále mi HJT píše, že nemá přístup do "Hosts file". Program radí, jak toto opravit, mám se o to pokusit? Děkuji

Pokusím se přidat obrázek, snad se Vám zobrazí:
Přílohy
HJT.JPG

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod jaro3 » 02 říj 2018 20:20

HJT se musí spouštět jako správce.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 02 říj 2018 21:07

Vypnul jsem internet, spustil HJT jako správce, odstranil Vámi vypsané řádky, nicméně bohužel nepomohlo :-(

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod jaro3 » 02 říj 2018 22:25

pořád ta reklama?

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 03 říj 2018 21:00

Ano, pořád ta reklama. Soubory mají příliš mnoho řádků, rozdělím je do více příspěvků.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.10.2018 01
Ran by hp (administrator) on HP-PROBOOK-440G (03-10-2018 20:52:47)
Running from C:\Users\hp\Desktop
Loaded Profiles: hp (Available Profiles: hp)
Platform: Windows 10 Pro Version 1803 17134.286 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Windows\System32\SynaMonApp.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxAudioSvc.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Windows\System32\fpCSEvtSvc.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_54f280a3eabe2363\igfxEM.exe
(Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(LiveQoS Incorporated) C:\Program Files\HP\HP Velocity\systray.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [RtsCM] => C:\windows\RTSCM64.EXE [225248 2017-11-17] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2018-01-22] (Intel Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1396544 2016-10-07] (HP)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\...\Run: [Akamai NetSession Interface] => C:\Users\hp\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\...\Run: [Viber] => C:\Users\hp\AppData\Local\Viber\Viber.exe [35893832 2018-09-05] (Viber Media S.à r.l.)
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation)
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\...\Policies\Explorer: []
Lsa: [Notification Packages] HPPwdFilter DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Velocity.lnk [2017-09-24]
ShortcutTarget: HP Velocity.lnk -> C:\Program Files\HP\HP Velocity\systray.exe (LiveQoS Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NonSteam.bat [2018-02-18] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\..\Interfaces\{194a7fde-65d7-4ce3-a6a8-a13be47f332b}: [DhcpNameServer] 94.142.233.120 94.142.233.140 192.168.1.1
Tcpip\..\Interfaces\{61e24665-926d-487b-84ff-f653d03e7026}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-11] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-07-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-11] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-21] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Ochrana Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-07-25]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-11] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2018-10-03]
CHR Extension: (Prezentace) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-23]
CHR Extension: (Dokumenty) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-23]
CHR Extension: (Disk Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-23]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-23]
CHR Extension: (Adobe Acrobat) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-05]
CHR Extension: (Tabulky) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (Ochrana Kaspersky) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/deta ... pnanfjnolk
CHR HKU\S-1-5-21-1812877471-1762286248-3674989829-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/deta ... pnanfjnolk

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.)
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522832 2018-09-06] (Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [43632 2018-03-13] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [149104 2018-01-02] (Conexant Systems, Inc.)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [524736 2017-04-27] (Crossmatch, Inc.)
R2 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [589208 2016-12-15] (Hewlett-Packard Company)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [13824 2015-04-28] ()
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [470528 2017-02-13] (HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP)
S3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [1102560 2015-10-19] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
S3 HPWorkWise; C:\Program Files (x86)\HP\HP WorkWise\HPWorkWiseService.exe [559096 2017-05-26] (HP)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2018-01-22] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [204888 2017-11-21] (Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel Corporation)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [426416 2018-03-21] (AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 mitsijm2018; C:\Program Files\Autodesk\Inventor 2018\Moldflow\bin\mitsijm.exe [967664 2016-09-26] (Autodesk, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263720 2018-09-02] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82904 2017-12-12] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-02] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-02] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53752 2018-05-15] (HP)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (http://www.winchiphead.com)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [2275280 2018-04-12] (Conexant Systems Inc.)
R2 DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv64.sys [75792 2016-12-15] (Hewlett-Packard Enterpise Company)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-03-25] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-03-25] (Disc Soft Ltd)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [40960 2018-05-15] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel Corporation)
R1 IPeakLWF; C:\WINDOWS\system32\DRIVERS\ipeaklwf.sys [525144 2017-05-29] (LiveQoS Incorporated)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [120008 2018-05-06] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-07-25] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29816 2016-10-14] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1191616 2018-05-06] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [168760 2018-10-02] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1058504 2018-07-25] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
R3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [44768 2017-01-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236816 2018-10-01] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-10-01] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [290160 2018-10-01] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [110568 2018-10-01] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [194120 2018-10-01] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-03-23] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [141000 2018-07-25] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-03] (Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_c28ce899ddb87e9a\nvlddmkm.sys [14311352 2017-02-10] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782304 2017-02-25] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236320 2017-11-17] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [46120 2018-09-02] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-02] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-10-02] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-02] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-10-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-10-02] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 20:52 - 2018-10-03 20:53 - 000026664 _____ C:\Users\hp\Desktop\FRST.txt
2018-10-03 20:52 - 2018-10-03 20:52 - 000000000 ____D C:\FRST
2018-10-03 20:52 - 2018-10-03 20:51 - 002414080 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2018-10-03 20:51 - 2018-10-03 20:51 - 002414080 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe
2018-10-03 20:50 - 2018-10-03 20:50 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-03 20:50 - 2018-10-03 20:50 - 000000000 ___HD C:\OneDriveTemp
2018-10-02 21:04 - 2018-10-02 21:04 - 000000000 ____D C:\Users\hp\Desktop\backups
2018-10-02 11:36 - 2018-10-03 20:53 - 000078328 _____ C:\WINDOWS\ZAM.krnl.trace
2018-10-02 11:36 - 2018-10-03 20:53 - 000056949 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-10-02 11:35 - 2018-10-02 11:35 - 006625600 _____ (Zemana Ltd. ) C:\Users\hp\Downloads\Zemana.AntiMalware.Setup.exe
2018-10-02 11:35 - 2018-10-02 11:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-10-02 11:35 - 2018-10-02 11:35 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-10-02 11:35 - 2018-10-02 11:35 - 000001228 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-10-02 11:35 - 2018-10-02 11:35 - 000000000 ____D C:\Users\hp\AppData\Local\Zemana
2018-10-02 11:35 - 2018-10-02 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-10-02 11:35 - 2018-10-02 11:35 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-10-01 09:48 - 2018-10-02 09:54 - 000000000 ____D C:\ProgramData\RogueKiller
2018-10-01 09:48 - 2018-10-02 09:14 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-10-01 09:47 - 2018-10-01 09:48 - 027152440 _____ (Adlice Software) C:\Users\hp\Desktop\RogueKiller_portable64.exe
2018-10-01 08:21 - 2018-10-01 08:21 - 000290160 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-10-01 08:20 - 2018-10-01 08:20 - 000236816 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-10-01 08:20 - 2018-10-01 08:20 - 000194120 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-10-01 08:20 - 2018-10-01 08:20 - 000110568 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-10-01 08:20 - 2018-10-01 08:20 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-10-01 08:19 - 2018-10-01 08:19 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-10-01 08:19 - 2018-10-01 08:19 - 000000000 ____D C:\ProgramData\Sophos
2018-10-01 08:19 - 2018-10-01 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-10-01 08:19 - 2018-10-01 08:19 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-10-01 08:10 - 2018-10-01 08:14 - 195958672 _____ (Sophos Limited) C:\Users\hp\Downloads\Sophos Virus Removal Tool.exe
2018-10-01 08:09 - 2018-10-01 08:09 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2018-10-01 08:04 - 2018-10-01 08:04 - 001790024 _____ (Malwarebytes) C:\Users\hp\Desktop\JRT.exe
2018-10-01 08:03 - 2018-10-02 09:12 - 000000000 ____D C:\Users\hp\Documents\nezadouci reklama
2018-09-26 11:28 - 2018-09-26 11:28 - 000001671 _____ C:\Users\hp\Documents\zprava.txt
2018-09-26 11:22 - 2018-09-26 11:22 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-09-26 11:22 - 2018-09-26 11:22 - 000000000 ____D C:\Users\hp\AppData\Local\mbamtray
2018-09-26 11:22 - 2018-09-26 11:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-09-26 11:22 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-26 11:21 - 2018-09-26 11:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-09-26 11:21 - 2018-09-26 11:20 - 080334792 _____ (Malwarebytes ) C:\Users\hp\Desktop\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.6985.exe
2018-09-26 11:20 - 2018-09-26 11:20 - 080334792 _____ (Malwarebytes ) C:\Users\hp\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.6985.exe
2018-09-26 11:15 - 2018-09-26 11:17 - 000000000 ____D C:\AdwCleaner
2018-09-26 11:14 - 2018-09-26 11:14 - 007567568 _____ (Malwarebytes) C:\Users\hp\Downloads\AdwCleaner.exe
2018-09-26 11:14 - 2018-09-26 11:14 - 007567568 _____ (Malwarebytes) C:\Users\hp\Desktop\AdwCleaner.exe
2018-09-26 11:10 - 2018-09-26 11:10 - 000448512 _____ (OldTimer Tools) C:\Users\hp\Downloads\TFC.exe
2018-09-24 11:40 - 2018-09-24 11:40 - 000000929 _____ C:\Users\hp\Downloads\jdem_zpatky_do_lesu.zip
2018-09-24 11:36 - 2018-09-24 11:36 - 000000635 _____ C:\Users\hp\Downloads\rovnou_tady_rovnou.zip
2018-09-24 11:33 - 2018-09-24 11:33 - 001749509 _____ C:\Users\hp\Downloads\co_se_bude_dit.zip
2018-09-24 11:33 - 2018-09-24 11:33 - 000000717 _____ C:\Users\hp\Downloads\john_hardy.zip
2018-09-24 11:22 - 2018-09-24 11:22 - 000000834 _____ C:\Users\hp\Downloads\vuz_do_tennessee.zip
2018-09-24 11:06 - 2018-09-24 11:06 - 003553334 _____ C:\Users\hp\Downloads\2.rar
2018-09-24 11:06 - 2018-09-24 11:06 - 003363238 _____ C:\Users\hp\Downloads\1.rar
2018-09-24 11:06 - 2018-09-24 11:06 - 000000000 ____D C:\Users\hp\Documents\harmonika
2018-09-24 11:02 - 2018-09-24 11:02 - 000754388 _____ C:\Users\hp\Downloads\obs.zip
2018-09-23 18:38 - 2018-09-23 18:38 - 000388608 _____ (Trend Micro Inc.) C:\Users\hp\Desktop\HijackThis.exe
2018-09-23 18:31 - 2018-09-23 18:31 - 000704165 _____ C:\Users\hp\Downloads\Doklad_Matěj počítač.pdf
2018-09-23 17:36 - 2018-09-15 10:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-23 17:36 - 2018-09-15 10:32 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-23 17:36 - 2018-09-15 10:32 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-09-23 17:36 - 2018-09-15 10:31 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-23 17:36 - 2018-09-15 10:31 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-09-23 17:36 - 2018-09-15 04:57 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-23 17:36 - 2018-09-15 04:56 - 000269320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-23 17:36 - 2018-09-15 04:51 - 001220920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-23 17:36 - 2018-09-15 04:51 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-23 17:36 - 2018-09-15 04:50 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-23 17:36 - 2018-09-15 04:50 - 000567080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-23 17:36 - 2018-09-15 04:50 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-23 17:36 - 2018-09-15 04:49 - 009090064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-23 17:36 - 2018-09-15 04:49 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-23 17:36 - 2018-09-15 04:49 - 001097760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-23 17:36 - 2018-09-15 04:48 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-23 17:36 - 2018-09-15 04:48 - 000713504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-23 17:36 - 2018-09-15 04:33 - 006567984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-23 17:36 - 2018-09-15 04:33 - 001129760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-23 17:36 - 2018-09-15 04:33 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-23 17:36 - 2018-09-15 04:33 - 000567280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-23 17:36 - 2018-09-15 04:33 - 000357064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-09-23 17:36 - 2018-09-15 04:20 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-09-23 17:36 - 2018-09-15 04:19 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-23 17:36 - 2018-09-15 04:19 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-23 17:36 - 2018-09-15 04:17 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-23 17:36 - 2018-09-15 04:16 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-23 17:36 - 2018-09-15 02:59 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-23 17:30 - 2018-02-06 12:07 - 000178256 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynaMonApp.exe
2018-09-23 17:30 - 2018-02-06 12:07 - 000002988 _____ C:\WINDOWS\system32\SynaMonApp.xml
2018-09-23 17:30 - 2017-09-18 10:45 - 000002988 _____ C:\WINDOWS\system32\MicTray64.xml
2018-09-23 17:30 - 2016-11-29 15:26 - 000007260 _____ C:\WINDOWS\system32\cxapo.prop
2018-09-23 17:28 - 2018-09-23 17:28 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-09-23 17:25 - 2018-09-05 00:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-09-18 19:41 - 2018-09-18 20:11 - 551497397 _____ C:\Users\hp\Downloads\Kobra 11 - 22x11 - Duchové minulosti.mp4
2018-09-18 18:38 - 2018-09-18 19:10 - 577447320 _____ C:\Users\hp\Downloads\Kobra 11 - 22x10 - Tým B.avi
2018-09-18 12:26 - 2018-09-18 12:26 - 000000710 _____ C:\Users\hp\AppData\Local\recently-used.xbel
2018-09-18 12:18 - 2018-09-18 12:18 - 005588184 _____ C:\Users\hp\Downloads\gcam-se-win32-2015.05.13.zip
2018-09-18 11:37 - 2018-09-18 12:23 - 000000853 _____ C:\Users\hp\Desktop\UniversalGcodeSender – zástupce.lnk
2018-09-14 08:11 - 2018-09-14 08:42 - 578951206 _____ C:\Users\hp\Downloads\Kobra 11 - 22x09 - Královrah.avi
2018-09-14 07:16 - 2018-09-20 07:01 - 000011114 _____ C:\Users\hp\Documents\Rozvrh, upravený.xlsx
2018-09-14 07:01 - 2018-09-14 07:15 - 000010884 _____ C:\Users\hp\Documents\Rozvrh.xlsx

efendi7
nováček
Příspěvky: 15
Registrován: září 18
Pohlaví: Muž
Stav:
Offline

Re: Nežádoucí reklama.

Příspěvekod efendi7 » 03 říj 2018 21:01

2018-09-13 21:07 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-13 21:07 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-13 21:07 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-13 21:07 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 21:07 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 21:07 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-13 21:07 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-13 21:07 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-13 21:07 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 21:07 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-13 21:07 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-13 21:07 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 21:07 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 21:07 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 21:07 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-13 21:07 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-13 21:07 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-13 21:07 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-13 21:07 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-13 21:07 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-13 21:07 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-13 21:07 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 21:07 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 21:07 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-13 21:07 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-13 21:07 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 21:07 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-13 21:07 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 21:07 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-13 21:07 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 21:07 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-13 21:07 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-13 21:07 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 21:07 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 21:07 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 21:07 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 21:07 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-13 21:07 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-13 21:07 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-13 21:07 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-13 21:07 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-13 21:07 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-13 21:07 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-13 21:07 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 21:07 - 2018-08-09 11:37 - 002267944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-09-13 21:07 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-13 21:07 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 21:07 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 21:07 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 21:07 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-13 21:07 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-13 21:07 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-13 21:07 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 21:07 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-13 21:07 - 2018-08-09 10:38 - 001538976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-09-13 21:07 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-13 21:07 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-13 21:07 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-13 21:07 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-13 21:07 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 21:07 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 21:07 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-13 21:07 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-13 21:07 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-13 21:07 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-13 21:07 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-13 21:07 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-13 21:07 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-13 21:07 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-13 21:07 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 21:07 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 21:07 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-13 21:07 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 21:07 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-13 21:07 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 21:07 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-13 21:07 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 21:07 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-13 21:07 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 21:07 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 21:07 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-13 21:07 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-13 21:07 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-13 21:07 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-13 21:07 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-13 21:07 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-13 21:06 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-13 21:06 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 21:06 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 21:06 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 21:06 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 21:06 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-13 21:06 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-13 21:06 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-13 21:06 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-13 21:06 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-13 21:06 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-13 21:06 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-13 21:06 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-13 21:06 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-13 21:06 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-13 21:06 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-13 21:06 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 21:06 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 21:06 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 21:06 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-13 21:06 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-13 21:06 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 21:06 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-13 21:06 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-13 21:06 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-13 21:06 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 21:06 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 21:06 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 21:06 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 21:06 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 21:06 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 21:06 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 21:06 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-13 21:06 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-13 21:06 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 21:06 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-13 21:06 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 21:06 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-13 21:06 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-13 21:06 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-13 21:06 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-13 21:06 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-13 21:06 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-13 21:06 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-13 21:06 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-13 21:06 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-13 21:06 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 21:06 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-13 21:06 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-13 21:06 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-13 21:06 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 21:06 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 21:06 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 21:06 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-13 21:06 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-13 21:06 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 21:06 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-13 21:06 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-13 21:06 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-13 21:06 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 21:06 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-13 21:06 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 21:06 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-13 21:06 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-13 21:06 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-13 21:06 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-13 21:06 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 21:06 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-13 21:06 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-13 21:06 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 21:06 - 2018-08-09 11:09 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageInspector.exe
2018-09-13 21:06 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-13 21:06 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-13 21:06 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-13 21:06 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-13 21:06 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-13 21:06 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-13 21:06 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-13 21:06 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-13 21:06 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-13 21:06 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-13 21:06 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-13 21:06 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-13 21:06 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-13 21:06 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-13 21:06 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-13 21:06 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-13 21:06 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 21:06 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-13 21:06 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-13 21:06 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-13 21:06 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-13 21:06 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-13 21:06 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-13 21:06 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-13 21:06 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-13 21:06 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-13 21:06 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-13 21:06 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-13 21:06 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-13 21:06 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 21:06 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 21:06 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 21:06 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-13 21:06 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 21:06 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 21:06 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 21:06 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-13 21:06 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-13 21:06 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 21:06 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-13 21:06 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 21:06 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 21:06 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-13 21:06 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 21:06 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 21:06 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-13 21:06 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-13 21:06 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-13 21:06 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-13 21:06 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-13 21:06 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-13 21:06 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-13 21:06 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-13 19:35 - 2018-09-13 20:05 - 557431161 _____ C:\Users\hp\Downloads\Kobra 11-22x07-Summer a Sharky.mp4
2018-09-13 18:45 - 2018-09-13 19:31 - 735672682 _____ C:\Users\hp\Downloads\Kobra.11.22x06.DVB-T.CZ.avi
2018-09-13 17:51 - 2018-09-13 18:33 - 766626570 _____ C:\Users\hp\Downloads\Kobra.11.22x05.DVB-T.CZ.avi
2018-09-13 17:01 - 2018-09-13 17:41 - 738472180 _____ C:\Users\hp\Downloads\Kobra.11.22x04.DVB-T.CZ.avi
2018-09-13 15:05 - 2018-09-13 15:45 - 731683040 _____ C:\Users\hp\Downloads\Kobra.11.22x03.DVB-T.CZ.avi
2018-09-13 06:15 - 2018-09-13 06:15 - 000076611 _____ C:\Users\hp\Downloads\24506-Přehled_nejpodstatnějších_změn.pdf
2018-09-12 20:54 - 2018-09-12 21:34 - 725593232 _____ C:\Users\hp\Downloads\Kobra.11.22x02.DVB-T.CZ.avi
2018-09-12 20:15 - 2018-09-12 20:15 - 000000000 ____D C:\Users\hp\AppData\Local\Viber
2018-09-12 19:56 - 2018-09-12 20:36 - 749607654 _____ C:\Users\hp\Downloads\Kobra.11.22x01.DVB-T.CZ.avi
2018-09-11 19:22 - 2018-09-11 20:02 - 740376576 _____ C:\Users\hp\Downloads\Nezvratný osud 5 - cz dabing.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 20:52 - 2018-03-21 18:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-03 20:50 - 2018-03-21 16:14 - 000000000 ___RD C:\Users\hp\OneDrive
2018-10-03 20:49 - 2018-05-18 08:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-03 20:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-03 20:49 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-03 20:49 - 2018-03-21 16:12 - 000000000 __SHD C:\Users\hp\IntelGraphicsProfiles
2018-10-03 20:49 - 2017-09-24 03:39 - 000000000 ____D C:\ProgramData\Synaptics
2018-10-03 20:49 - 2017-09-24 03:30 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-02 21:44 - 2018-05-18 07:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-02 21:11 - 2018-05-18 07:59 - 001881544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-02 21:11 - 2018-04-12 17:51 - 000779776 _____ C:\WINDOWS\system32\perfh005.dat
2018-10-02 21:11 - 2018-04-12 17:51 - 000177340 _____ C:\WINDOWS\system32\perfc005.dat
2018-10-02 21:11 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-02 21:05 - 2018-03-25 10:13 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForhp.job
2018-10-02 19:52 - 2018-06-14 17:21 - 000002078 _____ C:\Users\hp\UniversalGcodeSender.json
2018-10-02 19:20 - 2018-05-18 08:04 - 000003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForhp
2018-10-02 11:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-02 11:45 - 2018-08-15 19:53 - 000000000 ____D C:\Users\hp\AppData\Roaming\Seznam.cz
2018-10-02 09:24 - 2018-03-24 00:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-10-02 09:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-01 18:47 - 2018-03-27 17:47 - 000000000 ____D C:\Users\hp\Documents\ViberDownloads
2018-10-01 18:47 - 2018-03-27 17:47 - 000000000 ____D C:\Users\hp\AppData\Roaming\ViberPC
2018-10-01 10:09 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-10-01 08:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-01 08:05 - 2018-03-23 22:27 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-09-25 20:19 - 2018-07-17 13:28 - 000000000 ____D C:\Users\hp\Desktop\zpevnik
2018-09-25 19:54 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-23 17:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-23 17:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-23 17:30 - 2018-03-21 16:12 - 000000000 ____D C:\Users\hp\AppData\Local\Conexant
2018-09-23 17:30 - 2017-09-24 03:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2018-09-23 17:30 - 2017-09-24 03:45 - 000000000 ____D C:\WINDOWS\CxSvc
2018-09-23 17:30 - 2017-09-24 03:44 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2018-09-23 17:30 - 2017-09-24 03:44 - 000000000 ____D C:\Program Files\Conexant
2018-09-23 17:29 - 2017-09-24 03:46 - 000000000 ____D C:\Intel
2018-09-23 17:29 - 2017-09-24 03:43 - 000000000 ____D C:\ProgramData\Intel
2018-09-23 17:29 - 2017-04-01 05:07 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-23 17:28 - 2017-09-24 03:43 - 000000000 ____D C:\Program Files (x86)\Intel
2018-09-23 17:27 - 2017-09-24 03:42 - 000000000 ____D C:\Program Files\Intel
2018-09-23 17:24 - 2017-07-03 16:54 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-09-21 07:25 - 2017-04-01 05:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-21 07:18 - 2018-05-18 08:04 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812877471-1762286248-3674989829-1002
2018-09-21 07:18 - 2018-05-18 07:59 - 000002389 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-20 11:56 - 2018-05-18 08:04 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 11:56 - 2018-03-21 16:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-18 17:48 - 2018-06-14 20:58 - 000000000 ____D C:\Users\hp\AppData\Roaming\Brackets
2018-09-18 12:18 - 2018-09-02 18:47 - 000000000 ____D C:\CNC
2018-09-18 12:14 - 2018-05-26 13:09 - 000002672 _____ C:\Users\hp\Desktop\Autodesk Fusion 360.lnk
2018-09-18 08:53 - 2018-09-02 17:17 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-17 11:44 - 2018-03-25 14:02 - 000000000 ____D C:\Users\hp\AppData\Local\Packages
2018-09-16 15:58 - 2018-08-31 10:01 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-14 06:57 - 2018-05-18 07:55 - 000615160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-14 06:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-14 06:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-14 06:56 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-13 15:01 - 2018-05-18 20:28 - 000000000 ____D C:\Users\hp\AppData\Local\PlaceholderTileLogoFolder
2018-09-12 19:30 - 2018-03-23 22:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-12 19:18 - 2018-03-23 22:56 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-12 18:34 - 2018-03-26 21:37 - 000000000 ____D C:\Foto
2018-09-10 12:47 - 2018-08-31 10:01 - 000000000 ____D C:\Program Files\CCleaner
2018-09-05 01:04 - 2018-04-12 01:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-12 01:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-03 18:15 - 2018-08-31 09:48 - 000000000 ____D C:\ProgramData\TEMP
2018-09-03 18:13 - 2018-06-14 21:08 - 000000000 ____D C:\Program Files\Inkscape
2018-09-03 09:42 - 2018-09-02 17:45 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware

==================== Files in the root of some directories =======

2018-09-18 12:26 - 2018-09-18 12:26 - 000000710 _____ () C:\Users\hp\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
2018-10-01 09:48 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\Users\hp\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-18 07:55

==================== End of FRST.txt ============================


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Majestic-12 [Bot] a 7 hostů