Prosím o kontrolu - dlouhý log - 3 posty

Zpráva

d_ejf · #1 Příspěvek od **d_ejf** » 02 črc 2017 17:29

Dobrý den, je to asi cca týden co se mi stala jedna věc. V počítači mám Comodo internet security a v rámci toho jdou spouštět nainstalované prohlížeče v počítači. Používal jsem to třeba v momentě, kdy jsem potřeboval internetové bankovnictví. No a jednoho dne jsem chtěl spustit Chrome, vyskočila nějaká hláška o tom, že došlo k nějaké chybě při načítání jazyka nebo něco takového, bohužel jsem tomu nevěnoval moc pozornost a nevím co to přesně bylo a od té doby mi Chrome v rámci Comoda nefunguje. Kliknu na ikonku a vůbec nenaběhne. Když ho spouštím normálně mimo Comodo, tak vše funguje ok, jde mi jen o to spuštění v rámci Comoda. Když jsem prohlížeč reinstaloval, takže ho v rámci Comoda spustím, ale nenaběhne žádná stránka, tváří se, jako kdyby neměl přístup k netu. Počítač jsem pročistil CCleanerem. A protože situace je stále stejná, tak přikládám log a chtěl jsem poprosil o kontrolu, jestli třeba něco nemám něco v počítači. Třeba se jen Chrome nebo Comodo nějak aktualizovalo a nebude to nyní fungovat, ale radši chtěl bych mít jistotu, že komp je čistý.
Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2017-07-02 18:20:08
Microsoft Windows 10 Home
System drive C: has 80 GB (35%) free of 228 GB
Total RAM: 8104 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:13, on 02.07.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=HCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IeUrlFilter Class - {2DD257A3-5028-41AE-A1E7-A12F76A08893} - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPRadioMgr] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
O4 - HKLM\..\Run: [vdcss] "C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe" -tray
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: HP Audio Switch.lnk = C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: csssrv - COMODO - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\windows\SysWoW64\esif_uf.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - c:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HPWMISVC - HP Inc. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @oem13.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - CyberLink - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12301 bytes

======Listing Processes======

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-19c1bfa6-e5f0-4277-a69b-19b192f5673d -SystemEventPortName:HostProcess-b7e22e3a-0a4d-44ab-8cd0-a2b601c04af0 -IoCancelEventPortName:HostProcess-26b1ee79-9935-4351-89e6-9d014a50b26d -NonStateChangingEventPortName:HostProcess-d4c45268-7998-4c55-87ba-85f6743d898e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2b67cd18-c609-4aba-b961-9bb649326e1d -DeviceGroupId:
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\WLANExt.exe 2742429451568
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k apphost
C:\windows\SysWoW64\esif_uf.exe
"c:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe" -service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\windows\system32\ibtsiva
"C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe" -service
"c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\windows\system32\svchost.exe -k appmodel
"c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"

C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k rpcss
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
"c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
dashost.exe {c81493e7-a9fd-4366-a25a3c65031410e0}

C:\windows\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\windows\TEMP\DPTF\esif_assist_64.exe"
igfxEM.exe
igfxHK.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\windows\Explorer.EXE
"C:\windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe"
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\David\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\David\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=59.0.3071.115 --initial-client-data=0x274,0x278,0x27c,0x270,0x280,0x7ffd1f5e19d0,0x7ffd1f5e19b8,0x7ffd1f5e19e8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4788 --on-initialized-event-handle=768 --parent-handle=772 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1516 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,17,20,21,24,28,43,76 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6660 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2501.0 --gpu-driver-date=7-26-2016 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x1616 --service-request-channel-token=C37B30CD5464565E3F10D30F6592102C --mojo-platform-channel-handle=1604 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=09067354872B30A076609644AD37BA1D --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=09067354872B30A076609644AD37BA1D --renderer-client-id=4 --mojo-platform-channel-handle=2916 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=F0D2C288D6220025088934AF4BE40914 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F0D2C288D6220025088934AF4BE40914 --renderer-client-id=14 --mojo-platform-channel-handle=3840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=051A29459D32E9A2ACF784552F1425BA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=051A29459D32E9A2ACF784552F1425BA --renderer-client-id=7 --mojo-platform-channel-handle=4844 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=EF4758E6C1223BDC7A7C3E1CC78A95F3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=EF4758E6C1223BDC7A7C3E1CC78A95F3 --renderer-client-id=8 --mojo-platform-channel-handle=5716 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=BE27601CAA9EA9FD472977ECA9A556B7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=BE27601CAA9EA9FD472977ECA9A556B7 --renderer-client-id=9 --mojo-platform-channel-handle=6152 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=1BAC1E2A4D00A43222C7AC80153A4587 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=1BAC1E2A4D00A43222C7AC80153A4587 --renderer-client-id=10 --mojo-platform-channel-handle=6636 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=A39838367F7AABDB9CE81DE542D06875 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A39838367F7AABDB9CE81DE542D06875 --renderer-client-id=11 --mojo-platform-channel-handle=7084 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=542843DC2843D3F5BC9F09754A64EF9D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=542843DC2843D3F5BC9F09754A64EF9D --renderer-client-id=12 --mojo-platform-channel-handle=7440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=364E1598D3D7E63FDF1ED5DC0F812369 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=364E1598D3D7E63FDF1ED5DC0F812369 --renderer-client-id=13 --mojo-platform-channel-handle=8232 /prefetch:1
"C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\windows\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=D8C5EF5DC3FADC01BE8608836C4A1467 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D8C5EF5DC3FADC01BE8608836C4A1467 --renderer-client-id=37 --mojo-platform-channel-handle=8760 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=5F9591DC0BCAFAFCDC80E4153E9F3F07 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=5F9591DC0BCAFAFCDC80E4153E9F3F07 --renderer-client-id=38 --mojo-platform-channel-handle=1768 /prefetch:1
C:\windows\system32\AUDIODG.EXE 0x44c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=A24CB5238B97AE8DC0C8B81E4B9CAD81 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=A24CB5238B97AE8DC0C8B81E4B9CAD81 --renderer-client-id=39 --mojo-platform-channel-handle=6528 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1516 --primordial-pipe-token=26C96DEC05768B2C395AFA8445E5429E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=26C96DEC05768B2C395AFA8445E5429E --renderer-client-id=43 --mojo-platform-channel-handle=9128 /prefetch:1
"C:\Users\David\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

d_ejf · #2 Příspěvek od **d_ejf** » 02 črc 2017 17:30

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}]
IeUrlFilter Class - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2017-04-01 202936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}]
IeUrlFilter Class - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2017-04-01 165048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-04-11 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14 1744176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-08-12 8843784]
"StartCN"=c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-27 6627720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-08-25 4168296]
"COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23 1487552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2016-06-20 705784]
"HPRadioMgr"=C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [2016-08-02 324488]
"vdcss"=C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [2017-04-01 7690424]
"IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [2017-06-30 3632848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Audio Switch.lnk - C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-02 18:20:08 ----D---- C:\rsit
2017-07-02 18:20:08 ----D---- C:\Program Files\trend micro
2017-07-01 23:57:39 ----D---- C:\Program Files\CCleaner
2017-06-29 09:46:07 ----SD---- C:\windows\UpdateAssistantV2
2017-06-16 21:15:33 ----A---- C:\windows\SYSWOW64\CoreMessaging.dll
2017-06-16 21:15:33 ----A---- C:\windows\SYSWOW64\atmfd.dll
2017-06-16 21:15:32 ----A---- C:\windows\SYSWOW64\WWAHost.exe
2017-06-16 21:15:32 ----A---- C:\windows\SYSWOW64\puiobj.dll
2017-06-16 21:15:32 ----A---- C:\windows\SYSWOW64\fontdrvhost.exe
2017-06-16 21:15:32 ----A---- C:\windows\SYSWOW64\ExSMime.dll
2017-06-16 21:15:32 ----A---- C:\windows\SYSWOW64\DWrite.dll
2017-06-16 21:15:31 ----A---- C:\windows\SYSWOW64\win32kfull.sys
2017-06-16 21:15:31 ----A---- C:\windows\SYSWOW64\gdi32full.dll
2017-06-16 21:15:31 ----A---- C:\windows\SYSWOW64\CoreUIComponents.dll
2017-06-16 21:15:31 ----A---- C:\windows\SYSWOW64\atmlib.dll
2017-06-16 21:15:30 ----A---- C:\windows\SYSWOW64\shell32.dll
2017-06-16 21:15:30 ----A---- C:\windows\SYSWOW64\kerberos.dll
2017-06-16 21:15:29 ----A---- C:\windows\SYSWOW64\Windows.UI.Logon.dll
2017-06-16 21:15:29 ----A---- C:\windows\SYSWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 21:15:29 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2017-06-16 21:15:29 ----A---- C:\windows\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:15:28 ----A---- C:\windows\SYSWOW64\Windows.Media.Audio.dll
2017-06-16 21:15:28 ----A---- C:\windows\SYSWOW64\tquery.dll
2017-06-16 21:15:28 ----A---- C:\windows\SYSWOW64\mssrch.dll
2017-06-16 21:15:28 ----A---- C:\windows\SYSWOW64\CPFilters.dll
2017-06-16 21:15:27 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2017-06-16 21:15:27 ----A---- C:\windows\SYSWOW64\NetSetupEngine.dll
2017-06-16 21:15:27 ----A---- C:\windows\SYSWOW64\AppxPackaging.dll
2017-06-16 21:15:27 ----A---- C:\windows\SYSWOW64\AppointmentActivation.dll
2017-06-16 21:15:27 ----A---- C:\windows\SYSWOW64\aadtb.dll
2017-06-16 21:15:26 ----A---- C:\windows\SYSWOW64\UserDataTimeUtil.dll
2017-06-16 21:15:26 ----A---- C:\windows\SYSWOW64\NetSetupShim.dll
2017-06-16 21:15:26 ----A---- C:\windows\SYSWOW64\NetSetupApi.dll
2017-06-16 21:15:26 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2017-06-16 21:15:26 ----A---- C:\windows\system32\drivers\USBXHCI.SYS
2017-06-16 21:15:26 ----A---- C:\windows\system32\drivers\sdbus.sys
2017-06-16 21:15:26 ----A---- C:\windows\system32\drivers\dumpsd.sys
2017-06-16 21:15:26 ----A---- C:\windows\system32\drivers\BasicRender.sys
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\tcpipcfg.dll
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\hnetcfg.dll
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\edputil.dll
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\certutil.exe
2017-06-16 21:15:25 ----A---- C:\windows\SYSWOW64\AuthBrokerUI.dll
2017-06-16 21:15:24 ----A---- C:\windows\SYSWOW64\tzres.dll
2017-06-16 21:15:24 ----A---- C:\windows\SYSWOW64\fdProxy.dll
2017-06-16 21:15:24 ----A---- C:\windows\system32\WWAHost.exe
2017-06-16 21:15:24 ----A---- C:\windows\system32\MusUpdateHandlers.dll
2017-06-16 21:15:24 ----A---- C:\windows\system32\mssrch.dll
2017-06-16 21:15:23 ----A---- C:\windows\system32\wuuhext.dll
2017-06-16 21:15:23 ----A---- C:\windows\system32\tquery.dll
2017-06-16 21:15:23 ----A---- C:\windows\system32\SearchIndexer.exe
2017-06-16 21:15:23 ----A---- C:\windows\system32\mssprxy.dll
2017-06-16 21:15:21 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2017-06-16 21:15:21 ----A---- C:\windows\system32\Windows.Media.Audio.dll
2017-06-16 21:15:21 ----A---- C:\windows\system32\UserDataTimeUtil.dll
2017-06-16 21:15:21 ----A---- C:\windows\system32\OOBEUpdater.exe
2017-06-16 21:15:20 ----A---- C:\windows\system32\NetSetupEngine.dll
2017-06-16 21:15:19 ----A---- C:\windows\system32\KernelBase.dll
2017-06-16 21:15:19 ----A---- C:\windows\system32\drivers\tcpip.sys
2017-06-16 21:15:19 ----A---- C:\windows\system32\drivers\ndis.sys
2017-06-16 21:15:18 ----A---- C:\windows\system32\shell32.dll
2017-06-16 21:15:18 ----A---- C:\windows\system32\localspl.dll
2017-06-16 21:15:15 ----A---- C:\windows\system32\wpninprc.dll
2017-06-16 21:15:15 ----A---- C:\windows\system32\win32spl.dll
2017-06-16 21:15:15 ----A---- C:\windows\system32\puiobj.dll
2017-06-16 21:15:15 ----A---- C:\windows\system32\MusNotification.exe
2017-06-16 21:15:14 ----A---- C:\windows\system32\NetSetupSvc.dll
2017-06-16 21:15:14 ----A---- C:\windows\system32\NetSetupApi.dll
2017-06-16 21:15:14 ----A---- C:\windows\system32\MusNotificationUx.exe
2017-06-16 21:15:14 ----A---- C:\windows\system32\musdialoghandlers.dll
2017-06-16 21:15:14 ----A---- C:\windows\system32\drivers\tdx.sys
2017-06-16 21:15:04 ----A---- C:\windows\system32\netcorehc.dll
2017-06-16 21:15:03 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2017-06-16 21:15:02 ----A---- C:\windows\SYSWOW64\edgehtml.dll
2017-06-16 21:15:00 ----A---- C:\windows\SYSWOW64\jscript9.dll
2017-06-16 21:15:00 ----A---- C:\windows\SYSWOW64\ieproxy.dll
2017-06-16 21:15:00 ----A---- C:\windows\SYSWOW64\Chakradiag.dll
2017-06-16 21:14:59 ----A---- C:\windows\SYSWOW64\mshtml.dll
2017-06-16 21:14:58 ----A---- C:\windows\SYSWOW64\Chakra.dll
2017-06-16 21:14:58 ----A---- C:\windows\system32\jscript9.dll
2017-06-16 21:14:57 ----A---- C:\windows\SYSWOW64\ieframe.dll
2017-06-16 21:14:57 ----A---- C:\windows\system32\ieproxy.dll
2017-06-16 21:14:56 ----A---- C:\windows\system32\ieframe.dll
2017-06-16 21:14:56 ----A---- C:\windows\system32\Chakra.dll
2017-06-16 21:14:55 ----A---- C:\windows\system32\win32kbase.sys
2017-06-16 21:14:55 ----A---- C:\windows\system32\mshtml.dll
2017-06-16 21:14:55 ----A---- C:\windows\system32\FntCache.dll
2017-06-16 21:14:55 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2017-06-16 21:14:54 ----A---- C:\windows\system32\ntoskrnl.exe
2017-06-16 21:14:53 ----A---- C:\windows\system32\DWrite.dll
2017-06-16 21:14:53 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2017-06-16 21:14:53 ----A---- C:\windows\system32\CoreUIComponents.dll
2017-06-16 21:14:52 ----A---- C:\windows\system32\kerberos.dll
2017-06-16 21:14:52 ----A---- C:\windows\system32\edgehtml.dll
2017-06-16 21:14:49 ----A---- C:\windows\system32\Windows.UI.Logon.dll
2017-06-16 21:14:49 ----A---- C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 21:14:49 ----A---- C:\windows\system32\aadtb.dll
2017-06-16 21:14:48 ----A---- C:\windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 21:14:48 ----A---- C:\windows\system32\msv1_0.dll
2017-06-16 21:14:48 ----A---- C:\windows\system32\efscore.dll
2017-06-16 21:14:48 ----A---- C:\windows\system32\cloudAP.dll
2017-06-16 21:14:48 ----A---- C:\windows\system32\AppxPackaging.dll
2017-06-16 21:14:48 ----A---- C:\windows\HelpPane.exe
2017-06-16 21:14:47 ----A---- C:\windows\system32\hnetcfg.dll
2017-06-16 21:14:44 ----A---- C:\windows\system32\gdi32full.dll
2017-06-16 21:14:44 ----A---- C:\windows\system32\fontdrvhost.exe
2017-06-16 21:14:44 ----A---- C:\windows\system32\atmfd.dll
2017-06-16 21:14:43 ----A---- C:\windows\system32\wuaueng.dll
2017-06-16 21:14:43 ----A---- C:\windows\system32\win32kfull.sys
2017-06-16 21:14:43 ----A---- C:\windows\system32\sppobjs.dll
2017-06-16 21:14:43 ----A---- C:\windows\system32\CPFilters.dll
2017-06-16 21:14:42 ----A---- C:\windows\system32\lsasrv.dll
2017-06-16 21:14:41 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2017-06-16 21:14:41 ----A---- C:\windows\system32\CoreMessaging.dll
2017-06-16 21:14:38 ----A---- C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:14:38 ----A---- C:\windows\system32\NetworkMobileSettings.dll
2017-06-16 21:14:36 ----A---- C:\windows\system32\hvix64.exe
2017-06-16 21:14:36 ----A---- C:\windows\system32\hvax64.exe
2017-06-16 21:14:35 ----A---- C:\windows\system32\invagent.dll
2017-06-16 21:14:35 ----A---- C:\windows\system32\appraiser.dll
2017-06-16 21:14:35 ----A---- C:\windows\system32\aepic.dll
2017-06-16 21:14:35 ----A---- C:\windows\system32\aeinv.dll
2017-06-16 21:14:35 ----A---- C:\windows\system32\acmigration.dll
2017-06-16 21:14:34 ----A---- C:\windows\system32\securekernel.exe
2017-06-16 21:14:34 ----A---- C:\windows\system32\generaltel.dll
2017-06-16 21:14:34 ----A---- C:\windows\system32\drivers\cng.sys
2017-06-16 21:14:34 ----A---- C:\windows\system32\devinv.dll
2017-06-16 21:14:34 ----A---- C:\windows\system32\CompatTelRunner.exe
2017-06-16 21:14:33 ----A---- C:\windows\SYSWOW64\aepic.dll
2017-06-16 21:14:33 ----A---- C:\windows\system32\winsrv.dll
2017-06-16 21:14:33 ----A---- C:\windows\system32\NetSetupShim.dll
2017-06-16 21:14:33 ----A---- C:\windows\system32\dcntel.dll
2017-06-16 21:14:33 ----A---- C:\windows\system32\certutil.exe
2017-06-16 21:14:33 ----A---- C:\windows\system32\atmlib.dll
2017-06-16 21:14:32 ----A---- C:\windows\system32\ImplatSetup.dll
2017-06-16 21:14:32 ----A---- C:\windows\system32\drivers\tm.sys
2017-06-16 21:14:32 ----A---- C:\windows\system32\drivers\storport.sys
2017-06-16 21:14:32 ----A---- C:\windows\system32\dpapisrv.dll
2017-06-16 21:14:32 ----A---- C:\windows\system32\DeviceCensus.exe
2017-06-16 21:14:31 ----A---- C:\windows\system32\HNetCfgClient.dll
2017-06-16 21:14:31 ----A---- C:\windows\system32\fdProxy.dll
2017-06-16 21:14:31 ----A---- C:\windows\system32\edputil.dll
2017-06-16 21:14:31 ----A---- C:\windows\system32\AuthBrokerUI.dll
2017-06-16 21:14:30 ----A---- C:\windows\system32\tzres.dll

d_ejf · #3 Příspěvek od **d_ejf** » 02 črc 2017 17:30

======List of files/folders modified in the last 1 month======

2017-07-02 18:20:13 ----D---- C:\windows\Prefetch
2017-07-02 18:20:08 ----RD---- C:\Program Files
2017-07-02 18:17:49 ----RD---- C:\Program Files (x86)
2017-07-02 18:17:49 ----D---- C:\windows\Temp
2017-07-02 17:58:38 ----D---- C:\Windows
2017-07-02 17:58:34 ----D---- C:\windows\INF
2017-07-02 17:58:05 ----D---- C:\windows\system32\sru
2017-07-02 17:56:45 ----D---- C:\windows\System32
2017-07-02 17:56:45 ----A---- C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-02 00:36:24 ----D---- C:\windows\system32\SleepStudy
2017-07-02 00:00:37 ----D---- C:\windows\Panther
2017-07-02 00:00:37 ----D---- C:\windows\debug
2017-07-01 23:57:41 ----D---- C:\windows\system32\Tasks
2017-07-01 23:40:06 ----RD---- C:\windows\ImmersiveControlPanel
2017-07-01 23:31:01 ----D---- C:\Users\David\AppData\Roaming\vlc
2017-07-01 20:34:41 ----D---- C:\windows\AppReadiness
2017-07-01 11:18:55 ----HD---- C:\Program Files\WindowsApps
2017-07-01 11:17:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-06-30 21:21:03 ----D---- C:\windows\SysWOW64
2017-06-30 21:21:03 ----D---- C:\windows\system32\drivers
2017-06-30 21:21:01 ----D---- C:\Program Files (x86)\COMODO
2017-06-30 21:20:58 ----D---- C:\ProgramData\Comodo
2017-06-30 09:11:47 ----A---- C:\windows\system32\iseguard64.dll
2017-06-30 09:11:41 ----A---- C:\windows\SYSWOW64\iseguard32.dll
2017-06-29 22:23:54 ----RD---- C:\windows\Microsoft.NET
2017-06-29 22:23:35 ----RSD---- C:\windows\assembly
2017-06-29 09:57:21 ----D---- C:\windows\system32\config
2017-06-29 09:47:50 ----D---- C:\windows\WinSxS
2017-06-29 09:47:45 ----D---- C:\windows\system32\DriverStore
2017-06-29 09:46:15 ----D---- C:\windows\SYSWOW64\cs-CZ
2017-06-29 09:46:10 ----D---- C:\windows\system32\wbem
2017-06-29 09:46:10 ----D---- C:\windows\system32\sr-Latn-CS
2017-06-29 09:46:10 ----D---- C:\windows\system32\cs-CZ
2017-06-29 09:46:09 ----D---- C:\windows\system32\appraiser
2017-06-29 09:46:09 ----D---- C:\windows\ShellExperiences
2017-06-29 09:46:08 ----D---- C:\windows\AppPatch
2017-06-27 22:12:01 ----D---- C:\windows\system32\catroot2
2017-06-27 22:12:00 ----SHD---- C:\System Volume Information
2017-06-24 09:43:25 ----SHD---- C:\windows\Installer
2017-06-24 09:43:04 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-06-24 09:42:08 ----AD---- C:\Program Files\Microsoft Office 15
2017-06-16 21:28:23 ----D---- C:\windows\system32\MRT
2017-06-16 21:24:35 ----AC---- C:\windows\system32\MRT.exe
2017-06-16 21:24:33 ----D---- C:\windows\CbsTemp
2017-06-03 08:36:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2016-03-22 1469944]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\windows\system32\drivers\iorate.sys [2016-11-02 48992]
R1 cmdcss;COMODO Secure Shopping; C:\windows\system32\drivers\cmdcss.sys [2017-03-31 126056]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\windows\System32\DRIVERS\cmderd.sys [2017-03-31 40960]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\windows\system32\DRIVERS\cmdguard.sys [2017-03-31 831504]
R1 cmdhlp;COMODO Internet Security Helper Driver; C:\windows\system32\DRIVERS\cmdhlp.sys [2017-03-31 50808]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\windows\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\windows\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 inspect;@oem33.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver; C:\windows\system32\DRIVERS\inspect.sys [2017-03-31 129200]
R1 isedrv;Internet Security Essentials; C:\windows\system32\drivers\isedrv.sys [2017-03-29 62208]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\windows\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\windows\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\windows\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2016-08-12 26711040]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2016-08-12 500736]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\drivers\BTHUSB.sys [2016-11-08 84992]
R3 dptf_cpu;dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [2016-07-05 52208]
R3 dptf_pch;dptf_pch; C:\windows\System32\drivers\dptf_pch.sys [2016-07-05 50672]
R3 esif_lf;esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [2016-07-05 260080]
R3 ibtusb;@oem13.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2017-04-13 244744]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2016-12-08 7969752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2016-08-12 5251592]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverW8x64.sys [2016-03-28 186424]
R3 Netwtw04;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\windows\System32\drivers\Netwtw04.sys [2016-07-31 7237392]
R3 rt640x64;@oem15.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\windows\System32\drivers\rt640x64.sys [2016-02-25 935168]
R3 SensorsHIDClassDriver;@SensorsHidClassDriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for Sensors HID Class Driver; C:\windows\System32\drivers\WUDFRd.sys [2016-07-16 216064]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-08-25 64104]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2016-08-25 902248]
S0 LSI_SAS2i;LSI_SAS2i; C:\windows\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\windows\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\windows\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\windows\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\windows\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\windows\System32\drivers\scmbus.sys [2017-04-28 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\windows\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\windows\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\windows\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\windows\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\windows\system32\drivers\BthA2DP.sys [2016-09-15 168448]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2016-11-08 114176]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\windows\System32\drivers\BthHfAud.sys [2016-07-16 37376]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\System32\drivers\BthLEEnum.sys [2017-04-28 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\drivers\BTHport.sys [2017-04-28 967680]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\windows\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\windows\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\windows\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\windows\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\windows\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\windows\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\windows\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\windows\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\windows\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\windows\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\windows\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\windows\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\windows\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 IntcDAud;@oem11.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2016-08-05 481768]
S3 irda;IrDA; C:\windows\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\windows\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\windows\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\windows\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\windows\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 RTSUER;@oem22.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\windows\system32\Drivers\RtsUer.sys [2016-07-08 416472]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\windows\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 SmbDrv;SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [2016-08-25 60008]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2016-08-12 269824]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_c89a6f;CDPUserSvc_c89a6f; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-03-14 3042544]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2017-04-23 10512032]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 csssrv;csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [2017-04-01 3210936]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\windows\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 esifsvc;@oem9.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\windows\SysWoW64\esif_uf.exe [2016-07-05 1419424]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; c:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-06-23 642464]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2016-08-04 894976]
R2 HPWMISVC;HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2016-06-20 631800]
R2 ibtsiva;@oem13.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\windows\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2016-12-08 373720]
R2 isesrv;isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [2017-06-30 133840]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-05-25 209184]
R2 OneSyncSvc_c89a6f;Hostitel synchronizace_c89a6f; C:\windows\system32\svchost.exe [2016-07-16 44496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-06-23 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2016-03-23 614664]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-08-12 314624]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-08-25 258152]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\windows\system32\svchost.exe [2016-07-16 44496]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2017-04-23 2876096]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\windows\System32\svchost.exe [2016-07-16 44496]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\windows\system32\svchost.exe [2016-07-16 44496]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\windows\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\windows\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\windows\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-20 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\windows\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2016-12-08 301528]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-20 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_c89a6f;Služba zasílání zpráv_c89a6f; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-06-23 268704]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-03-08 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_c89a6f;Data kontaktů_c89a6f; C:\windows\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\windows\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\windows\System32\SensorDataService.exe [2017-03-04 1312768]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\windows\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\windows\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

d_ejf · #4 Příspěvek od **d_ejf** » 03 črc 2017 21:02

Dobrý den,

tak drobná aktualizace. Problém s funkcí Chromu při spuštění v Comodu kontejneru jsem vyřešil tak, že jsem dal v Comodu "Obnovit sanbox" a najednou začal Chrome při spuštění v kontejneru opět fungovat. Při té příležitosti jsem zjistil, že se mi v pátek nainstaloval jakýsi Internet Seciruty Essentials, který jsem odinstaloval, protože si nepamatuji, že bych ho sám instaloval.
Rád bych tedy požádal pro jistotu o kontrolu logu, jestli je vše ok. Mám přiložit nový?

Děkuji Vám.

#5 Příspěvek od **Márty84** » 04 črc 2017 09:42

Zdravim

Nemusite zatim davat novy log z RSIT.

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

d_ejf · #6 Příspěvek od **d_ejf** » 06 črc 2017 10:57

Dobrý den,

přikládám logy:

# AdwCleaner v6.047 - Log vytvořen 06/07/2017 v 09:17:05
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-07-06.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : David - LAPTOP-FURA4EBM
# Spuštěno z : C:\Users\David\Desktop\adwcleaner_6.047.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.

***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.

***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.

***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.

***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.

***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.

***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.

***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.

***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1218 Bajty] - [06/07/2017 09:17:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1291 Bajty] ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 06.07.17
Čas skenování: 9:27
Logovací soubor: log.txt
Správce: Ano

-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2300
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 14393.1358)
CPU: x64
Systém souborů: NTFS
Uživatel: LAPTOP-FURA4EBM\David

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 346261
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 52 min, 53 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#7 Příspěvek od **Márty84** » 06 črc 2017 17:57

MBAM odinstalujte.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

d_ejf · #8 Příspěvek od **d_ejf** » 06 črc 2017 20:18

Dobrý den,

přikládám, launcher jsem nebyl schopnej stáhnout, takže jsem použil jen FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2017
Ran by David (administrator) on LAPTOP-FURA4EBM (06-07-2017 21:12:41)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: defaultuser0 & David)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(COMODO) C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-12] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6627720 2016-07-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4168296 2016-08-25] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [7690424 2017-04-01] (COMODO)
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-09-21]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-03-30]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{b27bbdbf-4c81-4eb1-9829-66bf96021acc}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1976776874-1411867160-1571642719-1001 -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2017-04-01] (COMODO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2017-04-01] (COMODO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-07-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-07-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2017-07-06]
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-30]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-20]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 gpsvc; C:\windows\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation) [File not signed]
R2 nsi; C:\windows\System32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\windows\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation) [File not signed]
U3 WinHttpAutoProxySvc; C:\windows\SysWOW64\winhttp.dll [636928 2017-03-04] (Microsoft Corporation) [File not signed]
U3 AJRouter; C:\windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation) [File not signed]
U3 ALG; C:\windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation) [File not signed]
U2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [269824 2016-08-12] (AMD) [File not signed]
U2 AppHostSvc; C:\windows\system32\inetsrv\apphostsvc.dll [64512 2016-07-29] (Microsoft Corporation) [File not signed]
U2 AppHostSvc; C:\windows\SysWOW64\inetsrv\apphostsvc.dll [57856 2016-07-29] (Microsoft Corporation) [File not signed]
U3 AppIDSvc; C:\windows\System32\appidsvc.dll [124416 2017-04-28] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\windows\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation) [File not signed]
U3 AppReadiness; C:\windows\system32\AppReadiness.dll [560128 2017-04-28] (Microsoft Corporation) [File not signed]
U3 AppXSvc; C:\windows\system32\appxdeploymentserver.dll [2278400 2017-03-18] (Microsoft Corporation) [File not signed]
U2 AudioEndpointBuilder; C:\windows\System32\AudioEndpointBuilder.dll [337920 2017-04-28] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\windows\System32\Audiosrv.dll [942080 2017-04-28] (Microsoft Corporation) [File not signed]
U3 AxInstSV; C:\windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BDESVC; C:\windows\System32\bdesvc.dll [361472 2016-09-15] (Microsoft Corporation) [File not signed]
U2 BFE; C:\windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation) [File not signed]
U2 BITS; C:\windows\System32\qmgr.dll [1054208 2016-10-15] (Microsoft Corporation) [File not signed]
U2 BrokerInfrastructure; C:\windows\System32\bisrv.dll [770560 2017-04-28] (Microsoft Corporation) [File not signed]
U3 Browser; C:\windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BthHFSrv; C:\windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation) [File not signed]
U3 bthserv; C:\windows\system32\bthserv.dll [157184 2017-04-28] (Microsoft Corporation) [File not signed]
U2 CDPSvc; C:\windows\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation) [File not signed]
U2 CDPUserSvc; C:\windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation) [File not signed]
U3 CertPropSvc; C:\windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation) [File not signed]
U2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
U2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
U3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
U2 CoreMessagingRegistrar; C:\windows\SysWOW64\coremessaging.dll [483840 2017-06-03] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation) [File not signed]
U2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [3210936 2017-04-01] (COMODO)
U2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc.)
U3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc.)
R2 DcomLaunch; C:\windows\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [File not signed]
U3 DcpSvc; C:\windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation) [File not signed]
U3 defragsvc; C:\windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation) [File not signed]
U3 DeviceAssociationService; C:\windows\system32\das.dll [447488 2016-09-21] (Microsoft Corporation) [File not signed]
U3 DeviceInstall; C:\windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation) [File not signed]
U3 DevQueryBroker; C:\windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation) [File not signed]
U2 Dhcp; C:\windows\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation) [File not signed]
U3 diagnosticshub.standardcollector.service; C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation) [File not signed]
U2 DiagTrack; C:\windows\system32\diagtrack.dll [1984000 2017-04-28] (Microsoft Corporation) [File not signed]
U3 DmEnrollmentSvc; C:\windows\system32\Windows.Internal.Management.dll [407552 2017-04-28] (Microsoft Corporation) [File not signed]
U3 DmEnrollmentSvc; C:\windows\SysWOW64\Windows.Internal.Management.dll [298496 2017-04-28] (Microsoft Corporation) [File not signed]
U3 dmwappushservice; C:\windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation) [File not signed]
U2 Dnscache; C:\windows\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation) [File not signed]
U2 DoSvc; C:\windows\system32\dosvc.dll [1231872 2017-03-28] (Microsoft Corporation) [File not signed]
U3 dot3svc; C:\windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation) [File not signed]
U2 DPS; C:\windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation) [File not signed]
U3 DsmSvc; C:\windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation) [File not signed]
U3 DsSvc; C:\windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation) [File not signed]
U3 EapHost; C:\windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation) [File not signed]
U3 EFS; C:\windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation) [File not signed]
U3 embeddedmode; C:\windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation) [File not signed]
U3 EntAppSvc; C:\windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation) [File not signed]
U2 esifsvc; C:\windows\SysWoW64\esif_uf.exe [1419424 2016-07-05] (Intel Corporation)
U2 EventLog; C:\windows\System32\wevtsvc.dll [1709056 2016-09-15] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation) [File not signed]
U2 EventSystem; C:\windows\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Fax; C:\windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation) [File not signed]
U3 fdPHost; C:\windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation) [File not signed]
U3 FDResPub; C:\windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation) [File not signed]
U3 fhsvc; C:\windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation) [File not signed]
U2 FontCache; C:\windows\system32\FntCache.dll [1845248 2017-06-03] (Microsoft Corporation) [File not signed]
U3 FrameServer; C:\windows\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation) [File not signed]
U3 hidserv; C:\windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation) [File not signed]
U3 hidserv; C:\windows\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HomeGroupListener; C:\windows\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HomeGroupProvider; C:\windows\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation) [File not signed]
U2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
U2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
U3 HvHost; C:\windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation) [File not signed]
U3 icssvc; C:\windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation) [File not signed]
U2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [373720 2016-12-08] (Intel Corporation)
U2 IKEEXT; C:\windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
U2 iphlpsvc; C:\windows\System32\iphlpsvc.dll [945664 2017-03-04] (Microsoft Corporation) [File not signed]
U3 irmon; C:\windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation) [File not signed]
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
U3 KeyIso; C:\windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation) [File not signed]
U3 KeyIso; C:\windows\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation) [File not signed]
U3 KtmRm; C:\windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation) [File not signed]
U2 LanmanServer; C:\windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\windows\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation) [File not signed]
U3 lfsvc; C:\windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation) [File not signed]
U3 LicenseManager; C:\windows\system32\LicenseManagerSvc.dll [26112 2016-11-08] (Microsoft Corporation) [File not signed]
U3 lltdsvc; C:\windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation) [File not signed]
U3 lmhosts; C:\windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation) [File not signed]
U2 LSM; C:\windows\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation) [File not signed]
U2 MapsBroker; C:\windows\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation) [File not signed]
U3 MessagingService; C:\windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation) [File not signed]
U2 MpsSvc; C:\windows\system32\mpssvc.dll [893952 2017-03-04] (Microsoft Corporation) [File not signed]
U3 MSDTC; C:\windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MSiSCSI; C:\windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\windows\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
U3 NcaSvc; C:\windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NcbService; C:\windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NcdAutoSetup; C:\windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Netlogon; C:\windows\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Netman; C:\windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation) [File not signed]
U3 netprofm; C:\windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NetSetupSvc; C:\windows\System32\NetSetupSvc.dll [266752 2017-06-03] (Microsoft Corporation) [File not signed]
U3 NgcCtnrSvc; C:\windows\System32\NgcCtnrSvc.dll [331264 2017-04-28] (Microsoft Corporation) [File not signed]
U3 NgcSvc; C:\windows\system32\ngcsvc.dll [983040 2017-04-28] (Microsoft Corporation) [File not signed]
U2 NlaSvc; C:\windows\System32\nlasvc.dll [368640 2016-10-05] (Microsoft Corporation) [File not signed]
U2 OneSyncSvc; C:\windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation) [File not signed]
U3 p2pimsvc; C:\windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 p2psvc; C:\windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PerfHost; C:\windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PhoneSvc; C:\windows\System32\PhoneService.dll [781824 2016-09-07] (Microsoft Corporation) [File not signed]
U3 PimIndexMaintenanceSvc; C:\windows\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation) [File not signed]
U3 pla; C:\windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation) [File not signed]
U3 pla; C:\windows\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PlugPlay; C:\windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PNRPAutoReg; C:\windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PNRPsvc; C:\windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PolicyAgent; C:\windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation) [File not signed]
U2 Power; C:\windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PrintNotify; C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-04-28] (Microsoft Corporation) [File not signed]
U2 ProfSvc; C:\windows\system32\profsvc.dll [358400 2016-09-15] (Microsoft Corporation) [File not signed]
U3 QWAVE; C:\windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation) [File not signed]
U3 QWAVE; C:\windows\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\windows\System32\rasmans.dll [657920 2017-04-28] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\windows\System32\mprdim.dll [496128 2016-09-15] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\windows\SysWOW64\mprdim.dll [431104 2016-09-15] (Microsoft Corporation) [File not signed]
U4 RemoteRegistry; C:\windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RetailDemo; C:\windows\system32\RDXService.dll [650752 2017-04-28] (Microsoft Corporation) [File not signed]
U2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
U3 RmSvc; C:\windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RpcLocator; C:\windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\windows\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [File not signed]
U2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-12] (Realtek Semiconductor)
U4 SCardSvr; C:\windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation) [File not signed]
U3 ScDeviceEnum; C:\windows\System32\ScDeviceEnum.dll [201728 2016-12-14] (Microsoft Corporation) [File not signed]
U2 Schedule; C:\windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SCPolicySvc; C:\windows\System32\certprop.dll [193536 2017-03-04] (Microsoft Corporation) [File not signed]
U3 SDRSVC; C:\windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation) [File not signed]
U3 seclogon; C:\windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation) [File not signed]
R2 SENS; C:\windows\System32\sens.dll [70656 2016-09-15] (Microsoft Corporation) [File not signed]
U3 SensorDataService; C:\windows\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation) [File not signed]
U3 SensorService; C:\windows\system32\SensorService.dll [417792 2016-09-15] (Microsoft Corporation) [File not signed]
U3 SensrSvc; C:\windows\system32\sensrsvc.dll [179200 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\windows\system32\sessenv.dll [387072 2016-09-15] (Microsoft Corporation) [File not signed]
U3 SessionEnv; C:\windows\SysWOW64\sessenv.dll [331776 2016-09-15] (Microsoft Corporation) [File not signed]
U3 SharedAccess; C:\windows\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation) [File not signed]
U2 ShellHWDetection; C:\windows\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation) [File not signed]
U4 shpamsvc; C:\windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation) [File not signed]
U3 smphost; C:\windows\System32\smphost.dll [23552 2016-08-06] (Microsoft Corporation) [File not signed]
U3 smphost; C:\windows\SysWOW64\smphost.dll [20992 2016-08-06] (Microsoft Corporation) [File not signed]
U3 SmsRouter; C:\windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SNMPTRAP; C:\windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\windows\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation) [File not signed]
U3 SSDPSRV; C:\windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SstpSvc; C:\windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation) [File not signed]
U3 StateRepository; C:\windows\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation) [File not signed]
U3 StateRepository; C:\windows\SysWOW64\windows.staterepository.dll [3370496 2016-11-11] (Microsoft Corporation) [File not signed]
U2 stisvc; C:\windows\System32\wiaservc.dll [646656 2017-04-28] (Microsoft Corporation) [File not signed]
U3 StorSvc; C:\windows\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation) [File not signed]
U3 svsvc; C:\windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation) [File not signed]
U3 swprv; C:\windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation) [File not signed]
U2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258152 2016-08-25] (Synaptics Incorporated)
U2 SysMain; C:\windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation) [File not signed]
U2 SystemEventsBroker; C:\windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TabletInputService; C:\windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TapiSrv; C:\windows\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation) [File not signed]
S3 TermService; C:\windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation) [File not signed]
R2 Themes; C:\windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TieringEngineService; C:\windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation) [File not signed]
U2 tiledatamodelsvc; C:\windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TimeBrokerSvc; C:\windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation) [File not signed]
U2 TrkWks; C:\windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\windows\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation) [File not signed]
U4 tzautoupdate; C:\windows\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation) [File not signed]
U3 UI0Detect; C:\windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UmRdpService; C:\windows\System32\umrdp.dll [273408 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UnistoreSvc; C:\windows\System32\unistore.dll [1184256 2017-04-28] (Microsoft Corporation) [File not signed]
U3 UnistoreSvc; C:\windows\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation) [File not signed]
U3 upnphost; C:\windows\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UserDataSvc; C:\windows\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation) [File not signed]
U2 UserManager; C:\windows\System32\usermgr.dll [1021440 2017-04-28] (Microsoft Corporation) [File not signed]
U3 UsoSvc; C:\windows\system32\usocore.dll [548864 2017-04-28] (Microsoft Corporation) [File not signed]
U3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation) [File not signed]
U3 vds; C:\windows\System32\vds.exe [649216 2017-04-28] (Microsoft Corporation) [File not signed]
U3 vmicguestinterface; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmicheartbeat; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmickvpexchange; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmicrdv; C:\windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [File not signed]
U3 vmicshutdown; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmictimesync; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmicvmsession; C:\windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation) [File not signed]
U3 vmicvss; C:\windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [File not signed]
U3 VSS; C:\windows\system32\vssvc.exe [1443328 2017-04-28] (Microsoft Corporation) [File not signed]
U3 W32Time; C:\windows\system32\w32time.dll [520192 2016-09-21] (Microsoft Corporation) [File not signed]
U3 w3logsvc; C:\windows\system32\inetsrv\w3logsvc.dll [83456 2016-07-29] (Microsoft Corporation) [File not signed]
U3 w3logsvc; C:\windows\SysWOW64\inetsrv\w3logsvc.dll [73216 2016-07-29] (Microsoft Corporation) [File not signed]
U3 WalletService; C:\windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WAS; C:\windows\system32\inetsrv\iisw3adm.dll [568832 2016-07-29] (Microsoft Corporation) [File not signed]
U3 WAS; C:\windows\SysWOW64\inetsrv\iisw3adm.dll [507392 2016-07-29] (Microsoft Corporation) [File not signed]
U3 wbengine; C:\windows\system32\wbengine.exe [1547264 2017-04-28] (Microsoft Corporation) [File not signed]
U2 WbioSrvc; C:\windows\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation) [File not signed]
U2 Wcmsvc; C:\windows\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation) [File not signed]
U3 wcncsvc; C:\windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdiServiceHost; C:\windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdiSystemHost; C:\windows\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
U3 WebClient; C:\windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WebClient; C:\windows\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Wecsvc; C:\windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WEPHOSTSVC; C:\windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation) [File not signed]
U3 wercplsupport; C:\windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WerSvc; C:\windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WiaRpc; C:\windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
U2 Winmgmt; C:\windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\windows\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation) [File not signed]
U3 WinRM; C:\windows\SysWOW64\WsmSvc.dll [2333184 2017-04-28] (Microsoft Corporation) [File not signed]
U3 wisvc; C:\windows\system32\flightsettings.dll [635904 2017-04-28] (Microsoft Corporation) [File not signed]
U2 WlanSvc; C:\windows\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation) [File not signed]
U3 wlidsvc; C:\windows\system32\wlidsvc.dll [2104320 2017-04-28] (Microsoft Corporation) [File not signed]
U3 wmiApSrv; C:\windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-09-07] (Microsoft Corporation) [File not signed]
U3 workfolderssvc; C:\windows\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation) [File not signed]
U3 WPDBusEnum; C:\windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation) [File not signed]
U2 WpnService; C:\windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WpnUserService; C:\windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation) [File not signed]
U2 wscsvc; C:\windows\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\windows\system32\SearchIndexer.exe [903680 2017-06-03] (Microsoft Corporation) [File not signed]
U2 WSearch; C:\windows\SysWOW64\SearchIndexer.exe [773120 2017-06-03] (Microsoft Corporation) [File not signed]
U3 wuauserv; C:\windows\system32\wuaueng.dll [2318848 2017-06-03] (Microsoft Corporation) [File not signed]
U3 wudfsvc; C:\windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WwanSvc; C:\windows\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation) [File not signed]
U3 XblAuthManager; C:\windows\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation) [File not signed]
U3 XblGameSave; C:\windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation) [File not signed]
U3 XboxNetApiSvc; C:\windows\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation) [File not signed]
U2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
U2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U3 1394ohci; C:\windows\System32\drivers\1394ohci.sys [235520 2016-07-16] (Microsoft Corporation) [File not signed]
U3 AcpiDev; C:\windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) [File not signed]
U3 acpipagr; C:\windows\System32\drivers\acpipagr.sys [12288 2016-07-16] (Microsoft Corporation) [File not signed]
U3 AcpiPmi; C:\windows\System32\drivers\acpipmi.sys [14336 2016-07-16] (Microsoft Corporation) [File not signed]
U3 acpitime; C:\windows\System32\drivers\acpitime.sys [13312 2016-07-16] (Microsoft Corporation) [File not signed]
U1 ahcache; C:\windows\System32\DRIVERS\ahcache.sys [227328 2016-10-15] (Microsoft Corporation) [File not signed]
U3 AmdK8; C:\windows\System32\drivers\amdk8.sys [123392 2016-07-16] (Microsoft Corporation) [File not signed]
U3 amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [26711040 2016-08-12] (Advanced Micro Devices, Inc.) [File not signed]
U3 amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [500736 2016-08-12] (Advanced Micro Devices, Inc.) [File not signed]
U3 AmdPPM; C:\windows\System32\drivers\amdppm.sys [120832 2016-07-16] (Microsoft Corporation) [File not signed]
U3 applockerfltr; C:\windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) [File not signed]
U3 AsyncMac; C:\windows\System32\drivers\asyncmac.sys [28160 2016-07-16] (Microsoft Corporation) [File not signed]
U1 BasicDisplay; C:\windows\System32\drivers\BasicDisplay.sys [56320 2017-03-28] (Microsoft Corporation) [File not signed]
U1 BasicRender; C:\windows\System32\drivers\BasicRender.sys [41472 2017-06-03] (Microsoft Corporation) [File not signed]
U3 bcmfn; C:\windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider) [File not signed]
U3 bcmfn2; C:\windows\System32\drivers\bcmfn2.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider) [File not signed]
U1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2016-07-16] (Microsoft Corporation) [File not signed]
U3 bowser; C:\windows\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation) [File not signed]
U3 BthA2DP; C:\windows\system32\drivers\BthA2DP.sys [168448 2016-09-15] (Microsoft Corporation) [File not signed]
U3 BthAvrcpTg; C:\windows\System32\drivers\BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BthEnum; C:\windows\System32\drivers\BthEnum.sys [114176 2016-11-08] (Microsoft Corporation) [File not signed]
U3 BthHFAud; C:\windows\System32\drivers\BthHfAud.sys [37376 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation) [File not signed]
U3 bthhfhid; C:\windows\System32\drivers\BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BthLEEnum; C:\windows\System32\drivers\BthLEEnum.sys [249856 2017-04-28] (Microsoft Corporation) [File not signed]
U3 BTHMODEM; C:\windows\System32\drivers\bthmodem.sys [66048 2016-07-16] (Microsoft Corporation) [File not signed]
U3 BthPan; C:\windows\System32\drivers\bthpan.sys [128512 2016-10-05] (Microsoft Corporation) [File not signed]
U3 BTHPORT; C:\windows\System32\drivers\BTHport.sys [967680 2017-04-28] (Microsoft Corporation) [File not signed]
U3 BTHUSB; C:\windows\System32\drivers\BTHUSB.sys [84992 2016-11-08] (Microsoft Corporation) [File not signed]
U3 buttonconverter; C:\windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation) [File not signed]
U3 CapImg; C:\windows\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation) [File not signed]
U4 cdfs; C:\windows\System32\DRIVERS\cdfs.sys [92160 2016-07-16] (Microsoft Corporation) [File not signed]
U1 cdrom; C:\windows\System32\drivers\cdrom.sys [173056 2016-07-16] (Microsoft Corporation) [File not signed]
U3 circlass; C:\windows\System32\drivers\circlass.sys [48640 2016-07-16] (Microsoft Corporation) [File not signed]
U2 clreg; C:\windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation) [File not signed]
U3 CmBatt; C:\windows\System32\drivers\CmBatt.sys [29696 2016-07-16] (Microsoft Corporation) [File not signed]
U1 cmdcss; C:\windows\system32\drivers\cmdcss.sys [126056 2017-03-31] (COMODO)
U1 cmderd; C:\windows\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
U1 cmdGuard; C:\windows\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
U1 cmdhlp; C:\windows\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
U3 CompositeBus; C:\windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation) [File not signed]
U1 Dfsc; C:\windows\System32\Drivers\dfsc.sys [145408 2017-03-04] (Microsoft Corporation) [File not signed]
U3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
U3 dmvsc; C:\windows\System32\drivers\dmvsc.sys [35840 2016-07-16] (Microsoft Corporation) [File not signed]
U3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [52208 2016-07-05] (Intel Corporation)
U3 dptf_pch; C:\windows\System32\drivers\dptf_pch.sys [50672 2016-07-05] (Intel Corporation)
U3 ErrDev; C:\windows\System32\drivers\errdev.sys [13312 2016-07-16] (Microsoft Corporation) [File not signed]
U3 esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [260080 2016-07-05] (Intel Corporation)
U3 exfat; C:\Windows\System32\Drivers\exfat.sys [334848 2016-07-16] (Microsoft Corporation) [File not signed]
U3 fdc; C:\windows\System32\drivers\fdc.sys [32256 2016-07-16] (Microsoft Corporation) [File not signed]
U1 FileCrypt; C:\windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Filetrace; C:\windows\System32\drivers\filetrace.sys [35840 2016-07-16] (Microsoft Corporation) [File not signed]
U3 flpydisk; C:\windows\System32\drivers\flpydisk.sys [26112 2016-07-16] (Microsoft Corporation) [File not signed]
U3 gencounter; C:\windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation) [File not signed]
U3 genericusbfn; C:\windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation) [File not signed]
U1 GpuEnergyDrv; C:\windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HdAudAddService; C:\windows\system32\DRIVERS\HdAudio.sys [410624 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HDAudBus; C:\windows\System32\drivers\HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HidBth; C:\windows\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation) [File not signed]
U3 hidi2c; C:\windows\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HidIr; C:\windows\System32\drivers\hidir.sys [46592 2016-07-16] (Microsoft Corporation) [File not signed]
U3 HidUsb; C:\windows\System32\drivers\hidusb.sys [38400 2016-09-21] (Microsoft Corporation) [File not signed]
U3 hyperkbd; C:\windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation) [File not signed]
U3 i8042prt; C:\windows\System32\drivers\i8042prt.sys [114176 2016-07-16] (Microsoft Corporation) [File not signed]
U3 iagpio; C:\windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation) [File not signed]
U3 iai2c; C:\windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation) [File not signed]
U3 iaLPSS2i_GPIO2; C:\windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) [File not signed]
U3 iaLPSSi_I2C; C:\windows\System32\drivers\iaLPSSi_I2C.sys [113152 2016-07-16] (Intel Corporation) [File not signed]
U3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
U3 IndirectKmd; C:\windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) [File not signed]
U1 inspect; C:\windows\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
U3 intelppm; C:\windows\System32\drivers\intelppm.sys [134144 2016-07-16] (Microsoft Corporation) [File not signed]
U3 IpFilterDriver; C:\windows\System32\DRIVERS\ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation) [File not signed]
U3 IPNAT; C:\windows\System32\drivers\ipnat.sys [212480 2016-07-16] (Microsoft Corporation) [File not signed]
U3 irda; C:\windows\system32\drivers\irda.sys [120320 2016-07-16] (Microsoft Corporation) [File not signed]
U3 IRENUM; C:\windows\System32\drivers\irenum.sys [19456 2016-07-16] (Microsoft Corporation) [File not signed]
U3 kbdhid; C:\windows\System32\drivers\kbdhid.sys [39424 2016-09-15] (Microsoft Corporation) [File not signed]
U3 kdnic; C:\windows\System32\drivers\kdnic.sys [25088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 ksthunk; C:\windows\system32\drivers\ksthunk.sys [26112 2016-07-16] (Microsoft Corporation) [File not signed]
U2 lltdio; C:\windows\System32\drivers\lltdio.sys [66048 2016-07-16] (Microsoft Corporation) [File not signed]
U2 luafv; C:\windows\system32\drivers\luafv.sys [125952 2016-07-16] (Microsoft Corporation) [File not signed]
U2 MMCSS; C:\windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Modem; C:\windows\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation) [File not signed]
U3 monitor; C:\windows\System32\drivers\monitor.sys [38400 2016-07-16] (Microsoft Corporation) [File not signed]
U3 mouhid; C:\windows\System32\drivers\mouhid.sys [32256 2016-07-16] (Microsoft Corporation) [File not signed]
U3 mpsdrv; C:\windows\System32\drivers\mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MRxDAV; C:\windows\system32\drivers\mrxdav.sys [143872 2016-10-05] (Microsoft Corporation) [File not signed]
U2 mrxsmb10; C:\windows\System32\DRIVERS\mrxsmb10.sys [282624 2016-11-11] (Microsoft Corporation) [File not signed]
U3 MsBridge; C:\windows\System32\drivers\bridge.sys [115200 2017-04-28] (Microsoft Corporation) [File not signed]
U3 mshidkmdf; C:\windows\System32\drivers\mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation) [File not signed]
U3 mshidumdf; C:\windows\System32\drivers\mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MSKSSRV; C:\windows\system32\DRIVERS\MSKSSRV.sys [27136 2017-03-04] (Microsoft Corporation) [File not signed]
U2 MsLldp; C:\windows\System32\drivers\mslldp.sys [78336 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MSPCLOCK; C:\windows\system32\DRIVERS\MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MSPQM; C:\windows\system32\DRIVERS\MSPQM.sys [10752 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MSTEE; C:\windows\system32\DRIVERS\MSTEE.sys [12800 2016-07-16] (Microsoft Corporation) [File not signed]
U3 MTConfig; C:\windows\System32\drivers\MTConfig.sys [15872 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NativeWifiP; C:\windows\System32\DRIVERS\nwifi.sys [535552 2017-03-04] (Microsoft Corporation) [File not signed]
U3 NdisCap; C:\windows\System32\drivers\ndiscap.sys [50176 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NdisImPlatform; C:\windows\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NdisTapi; C:\windows\System32\DRIVERS\ndistapi.sys [26112 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Ndisuio; C:\windows\System32\drivers\ndisuio.sys [63488 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NdisVirtualBus; C:\windows\System32\drivers\NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NdisWan; C:\windows\System32\drivers\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation) [File not signed]
U3 ndiswanlegacy; C:\windows\System32\DRIVERS\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation) [File not signed]
U3 ndproxy; C:\windows\System32\DRIVERS\NDProxy.sys [60928 2016-07-16] (Microsoft Corporation) [File not signed]
U2 Ndu; C:\windows\System32\drivers\Ndu.sys [125440 2016-07-16] (Microsoft Corporation) [File not signed]
U3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () [File not signed]
U1 NetBT; C:\windows\System32\DRIVERS\netbt.sys [279040 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [7237392 2016-07-31] (Intel Corporation)
U1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2016-07-16] (Microsoft Corporation) [File not signed]
U1 npsvctrig; C:\windows\System32\drivers\npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation) [File not signed]
U1 nsiproxy; C:\windows\System32\drivers\nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation) [File not signed]
U1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Parport; C:\windows\System32\drivers\parport.sys [96768 2016-07-16] (Microsoft Corporation) [File not signed]
U2 PEAUTH; C:\windows\System32\drivers\peauth.sys [723968 2016-07-16] (Microsoft Corporation) [File not signed]
U3 PptpMiniport; C:\windows\System32\drivers\raspptp.sys [96256 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Processor; C:\windows\System32\drivers\processr.sys [119808 2016-07-16] (Microsoft Corporation) [File not signed]
U3 QWAVEdrv; C:\windows\system32\drivers\qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RasAcd; C:\windows\System32\DRIVERS\rasacd.sys [17408 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RasAgileVpn; C:\windows\System32\drivers\AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Rasl2tp; C:\windows\System32\drivers\rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RasPppoe; C:\windows\System32\drivers\raspppoe.sys [81408 2017-04-28] (Microsoft Corporation) [File not signed]
U3 RasSstp; C:\windows\System32\drivers\rassstp.sys [77824 2016-07-16] (Microsoft Corporation) [File not signed]
U3 rdpbus; C:\windows\System32\drivers\rdpbus.sys [26112 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RDPDR; C:\windows\System32\drivers\rdpdr.sys [177152 2016-07-16] (Microsoft Corporation) [File not signed]
U3 RFCOMM; C:\windows\System32\drivers\rfcomm.sys [183808 2016-07-16] (Microsoft Corporation) [File not signed]
U2 rspndr; C:\windows\System32\drivers\rspndr.sys [81408 2016-07-16] (Microsoft Corporation) [File not signed]
U3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek )
U3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [416472 2016-07-08] (Realsil Semiconductor Corporation)
U3 s3cap; C:\windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation) [File not signed]
U3 scfilter; C:\windows\System32\DRIVERS\scfilter.sys [43008 2016-07-16] (Microsoft Corporation) [File not signed]
U3 scmdisk0101; C:\windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SensorsHIDClassDriver; C:\windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Serenum; C:\windows\System32\drivers\serenum.sys [25088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Serial; C:\windows\System32\drivers\serial.sys [83968 2016-07-16] (Microsoft Corporation) [File not signed]
U3 sermouse; C:\windows\System32\drivers\sermouse.sys [27648 2016-07-16] (Microsoft Corporation) [File not signed]
U3 sfloppy; C:\windows\System32\drivers\sfloppy.sys [18432 2016-07-16] (Microsoft Corporation) [File not signed]
U3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [60008 2016-08-25] (Synaptics Incorporated)
U3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [64104 2016-08-25] (Synaptics Incorporated)
U2 srv; C:\windows\System32\DRIVERS\srv.sys [409600 2017-04-28] (Microsoft Corporation) [File not signed]
U3 srv2; C:\windows\System32\DRIVERS\srv2.sys [713216 2017-04-28] (Microsoft Corporation) [File not signed]
U3 srvnet; C:\windows\System32\DRIVERS\srvnet.sys [248320 2016-09-07] (Microsoft Corporation) [File not signed]
U3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U2 storqosflt; C:\windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation) [File not signed]
U3 Synth3dVsc; C:\windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation) [File not signed]
U2 tcpipreg; C:\windows\System32\drivers\tcpipreg.sys [52224 2017-03-04] (Microsoft Corporation) [File not signed]
U3 tsusbflt; C:\windows\System32\drivers\TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation) [File not signed]
U3 TsUsbGD; C:\windows\System32\drivers\TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation) [File not signed]
U3 tunnel; C:\windows\System32\drivers\tunnel.sys [158208 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UcmCx0101; C:\windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UcmTcpciCx0101; C:\windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UcmUcsi; C:\windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UdeCx; C:\windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation) [File not signed]
U4 udfs; C:\windows\System32\DRIVERS\udfs.sys [320000 2016-07-16] (Microsoft Corporation) [File not signed]
U3 umbus; C:\windows\System32\drivers\umbus.sys [56832 2016-07-16] (Microsoft Corporation) [File not signed]
U3 UmPass; C:\windows\System32\drivers\umpass.sys [13824 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbcir; C:\windows\System32\drivers\usbcir.sys [102400 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbohci; C:\windows\System32\drivers\usbohci.sys [30208 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbprint; C:\windows\System32\drivers\usbprint.sys [27648 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbser; C:\windows\System32\drivers\usbser.sys [69120 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbuhci; C:\windows\System32\drivers\usbuhci.sys [35328 2016-07-16] (Microsoft Corporation) [File not signed]
U3 usbvideo; C:\windows\System32\Drivers\usbvideo.sys [226816 2016-09-21] (Microsoft Corporation) [File not signed]
U3 vhf; C:\windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation) [File not signed]
U3 VMBusHID; C:\windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 vmgid; C:\windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) [File not signed]
U3 vwifibus; C:\windows\System32\drivers\vwifibus.sys [26624 2016-07-16] (Microsoft Corporation) [File not signed]
U1 vwififlt; C:\windows\System32\drivers\vwififlt.sys [73216 2016-07-16] (Microsoft Corporation) [File not signed]
U3 vwifimp; C:\windows\System32\drivers\vwifimp.sys [40448 2017-04-28] (Microsoft Corporation) [File not signed]
U3 WacomPen; C:\windows\System32\drivers\wacompen.sys [30208 2016-07-16] (Microsoft Corporation) [File not signed]
U2 wanarp; C:\windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation) [File not signed]
U3 wanarpv6; C:\windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation) [File not signed]
U2 wcnfs; C:\windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
U3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
U3 wdiwifi; C:\windows\System32\DRIVERS\wdiwifi.sys [719872 2017-03-04] (Microsoft Corporation) [File not signed]
U3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 WINUSB; C:\windows\System32\drivers\WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)
U3 WmiAcpi; C:\windows\System32\drivers\wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation) [File not signed]
U4 ws2ifsl; C:\windows\system32\drivers\ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WudfPf; C:\windows\System32\drivers\WudfPf.sys [99328 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WUDFRd; C:\windows\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WUDFWpdFs; C:\windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File not signed]
U3 WUDFWpdMtp; C:\windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) [File not signed]
U3 xboxgip; C:\windows\System32\drivers\xboxgip.sys [258560 2017-03-04] (Microsoft Corporation) [File not signed]
U3 xinputhid; C:\windows\System32\drivers\xinputhid.sys [43520 2016-11-08] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-06 21:12 - 2017-07-06 21:13 - 00062394 _____ C:\Users\David\Desktop\FRST.txt
2017-07-06 21:09 - 2017-07-06 21:12 - 00000000 ____D C:\FRST
2017-07-06 21:05 - 2017-07-06 21:07 - 02436608 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2017-07-06 09:19 - 2017-07-06 09:20 - 65033984 _____ (Malwarebytes ) C:\Users\David\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-06 08:49 - 2017-07-06 09:17 - 00000000 ____D C:\AdwCleaner
2017-07-05 21:37 - 2017-07-06 08:48 - 04110280 _____ C:\Users\David\Desktop\adwcleaner_6.047.exe
2017-07-05 19:40 - 2017-07-06 01:28 - 3118381111 _____ C:\Users\David\Downloads\Mein.Blind.Date.mit.dem.Leben.2017.German.1080p.BluRay.x265-BluRHD.mkv
2017-07-02 22:19 - 2017-07-06 21:09 - 00602952 _____ C:\windows\system32\Drivers\fvstore.dat
2017-07-02 22:13 - 2017-07-02 22:13 - 00000000 ___HD C:\VTRoot
2017-07-02 21:58 - 2017-07-02 21:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-07-02 21:52 - 2017-07-02 21:52 - 00000000 ____D C:\Program Files\Microsoft Office
2017-07-02 21:51 - 2017-07-02 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-02 21:50 - 2017-07-02 21:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-07-02 18:20 - 2017-07-02 18:20 - 00000000 ____D C:\rsit
2017-07-02 18:20 - 2017-07-02 18:20 - 00000000 ____D C:\Program Files\trend micro
2017-07-02 18:19 - 2017-07-02 18:20 - 01222144 _____ C:\Users\David\Desktop\RSITx64.exe
2017-07-02 00:01 - 2017-07-02 21:33 - 00000000 ____D C:\Users\David\Desktop\záloha registru
2017-07-01 23:57 - 2017-07-01 23:57 - 00002870 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2017-07-01 23:57 - 2017-07-01 23:57 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-01 23:57 - 2017-07-01 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-01 23:57 - 2017-07-01 23:57 - 00000000 ____D C:\Program Files\CCleaner
2017-07-01 23:56 - 2017-07-01 23:57 - 09598376 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup531.exe
2017-07-01 20:42 - 2017-07-01 20:42 - 05365336 _____ (COMODO) C:\Users\David\Downloads\cispremium_installer_6100_08.exe
2017-06-29 09:46 - 2017-06-29 09:46 - 00000000 ___SD C:\windows\UpdateAssistantV2
2017-06-17 23:21 - 2017-06-18 00:08 - 730726400 _____ C:\Users\David\Downloads\11.22.63-S01E01-The-Rabbit-Hole-CZ-Titulky-Stephen-King...ID--154291.avi
2017-06-16 21:15 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-06-16 21:15 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2017-06-16 21:15 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-06-16 21:15 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-06-16 21:15 - 2017-06-03 12:06 - 02048496 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-06-16 21:15 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-06-16 21:15 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-06-16 21:15 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-06-16 21:15 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2017-06-16 21:15 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2017-06-16 21:15 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2017-06-16 21:15 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-06-16 21:15 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2017-06-16 21:15 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2017-06-16 21:15 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2017-06-16 21:15 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-06-16 21:15 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-06-16 21:15 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2017-06-16 21:15 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-06-16 21:15 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-06-16 21:15 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2017-06-16 21:15 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-16 21:15 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-06-16 21:15 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-06-16 21:15 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-06-16 21:15 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExSMime.dll
2017-06-16 21:15 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-06-16 21:15 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 21:15 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\windows\SysWOW64\edputil.dll
2017-06-16 21:15 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:15 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBrokerUI.dll
2017-06-16 21:15 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpipcfg.dll
2017-06-16 21:15 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-06-16 21:15 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-06-16 21:15 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-06-16 21:15 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BasicRender.sys
2017-06-16 21:15 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-06-16 21:15 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-06-16 21:15 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2017-06-16 21:15 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdProxy.dll
2017-06-16 21:15 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2017-06-16 21:15 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-06-16 21:15 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-06-16 21:15 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2017-06-16 21:15 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-06-16 21:15 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-06-16 21:15 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-06-16 21:15 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\hnetcfg.dll
2017-06-16 21:15 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-06-16 21:15 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-06-16 21:15 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-06-16 21:15 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-06-16 21:15 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-06-16 21:15 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-06-16 21:15 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2017-06-16 21:15 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-06-16 21:15 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-06-16 21:15 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-06-16 21:15 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-06-16 21:15 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-06-16 21:15 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-06-16 21:15 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\windows\system32\OOBEUpdater.exe
2017-06-16 21:15 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-06-16 21:15 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-06-16 21:15 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2017-06-16 21:15 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\wpninprc.dll
2017-06-16 21:15 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2017-06-16 21:14 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\windows\system32\ImplatSetup.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-06-16 21:14 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2017-06-16 21:14 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-06-16 21:14 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-06-16 21:14 - 2017-06-03 12:01 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-06-16 21:14 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-06-16 21:14 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-06-16 21:14 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-06-16 21:14 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-06-16 21:14 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-06-16 21:14 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-06-16 21:14 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2017-06-16 21:14 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2017-06-16 21:14 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2017-06-16 21:14 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-06-16 21:14 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-06-16 21:14 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2017-06-16 21:14 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-06-16 21:14 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-06-16 21:14 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-06-16 21:14 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-06-16 21:14 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-06-16 21:14 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-06-16 21:14 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\edputil.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\windows\system32\AuthBrokerUI.dll
2017-06-16 21:14 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2017-06-16 21:14 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-06-16 21:14 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\HNetCfgClient.dll
2017-06-16 21:14 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-06-16 21:14 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-06-16 21:14 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-06-16 21:14 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\efscore.dll
2017-06-16 21:14 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-06-16 21:14 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\fdProxy.dll
2017-06-16 21:14 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-06-16 21:14 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-06-16 21:14 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-06-16 21:14 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-06-16 21:14 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-06-16 21:14 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-06-16 21:14 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-06-16 21:14 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-06-16 21:14 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\windows\system32\hnetcfg.dll
2017-06-16 21:14 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-06-16 21:14 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-06-16 21:14 - 2017-06-03 08:08 - 00080078 _____ C:\windows\system32\normidna.nls
2017-06-10 21:29 - 2017-06-10 21:29 - 00079949 _____ C:\Users\David\Downloads\Closer(0000093404).srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-06 21:07 - 2017-03-30 20:58 - 01474832 _____ C:\windows\system32\Drivers\sfi.dat
2017-07-06 21:02 - 2016-09-21 20:40 - 01015724 _____ C:\windows\system32\perfh005.dat
2017-07-06 21:02 - 2016-09-21 20:40 - 00262014 _____ C:\windows\system32\perfc005.dat
2017-07-06 21:02 - 2016-07-29 14:37 - 02701638 _____ C:\windows\system32\PerfStringBackup.INI
2017-07-06 20:58 - 2017-03-20 20:36 - 00000000 __SHD C:\Users\David\IntelGraphicsProfiles
2017-07-06 20:58 - 2017-03-20 20:35 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-06 20:58 - 2016-07-29 14:32 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-06 20:57 - 2016-07-16 08:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-07-06 20:51 - 2017-03-30 21:31 - 00004212 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{99BDEA0B-AF7B-4B9D-9E5D-8EFE84F594CD}
2017-07-06 20:51 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 20:51 - 2016-07-16 13:47 - 00000000 ____D C:\windows\AppReadiness
2017-07-06 20:47 - 2016-07-29 14:32 - 00000000 ____D C:\windows\system32\SleepStudy
2017-07-06 08:15 - 2017-03-30 23:11 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2017-07-05 20:14 - 2016-07-16 13:47 - 00000000 ____D C:\windows\rescache
2017-07-05 15:36 - 2017-03-20 20:36 - 00000000 ____D C:\Users\David\AppData\Local\Packages
2017-07-02 22:01 - 2017-03-30 21:15 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2017-07-02 21:59 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-02 21:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-02 21:38 - 2016-07-16 13:45 - 00000000 ____D C:\windows\INF
2017-07-02 21:35 - 2017-03-20 20:50 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-02 21:35 - 2017-03-20 20:50 - 00002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-02 21:32 - 2017-03-30 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2017-07-02 21:32 - 2017-03-30 20:58 - 00000000 ____D C:\Program Files (x86)\COMODO
2017-07-02 21:32 - 2017-03-30 20:46 - 00000000 ____D C:\ProgramData\Comodo
2017-07-02 00:00 - 2016-07-29 15:23 - 00000000 ____D C:\windows\Panther
2017-07-01 23:40 - 2016-07-16 13:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-06-30 20:36 - 2016-07-16 08:04 - 00032768 _____ C:\windows\system32\config\ELAM
2017-06-29 09:48 - 2016-07-29 14:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-29 09:47 - 2017-03-20 20:35 - 00000000 ____D C:\Users\David
2017-06-29 09:47 - 2016-07-29 14:32 - 00417880 _____ C:\windows\system32\FNTCACHE.DAT
2017-06-29 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\appraiser
2017-06-29 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\windows\ShellExperiences
2017-06-16 21:28 - 2017-04-01 23:18 - 00000000 ____D C:\windows\system32\MRT
2017-06-16 21:24 - 2017-04-01 23:18 - 133627792 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-06-16 21:24 - 2016-07-16 13:36 - 00000000 ____D C:\windows\CbsTemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe
[2017-05-10 22:06] - [2017-04-28 01:39] - 0673792 _____ (Microsoft Corporation) B2151FE002A8D3F41E2DF935F260E3A8

C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe
[2016-07-16 13:42] - [2016-07-16 13:42] - 0033280 _____ (Microsoft Corporation) C1B1FFC800BE2F31EB2CF8CB40629C69

C:\windows\SysWOW64\userinit.exe
[2016-07-16 13:42] - [2016-07-16 13:42] - 0027648 _____ (Microsoft Corporation) FA900E6CCCF0A429D5B720C6F0E2274B

C:\windows\system32\rpcss.dll
[2017-05-10 22:06] - [2017-04-28 01:41] - 0890368 _____ (Microsoft Corporation) 4A7015195E49A3BA7DB967B277B21E9D

C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-05 16:06

==================== End of FRST.txt ============================

d_ejf · #9 Příspěvek od **d_ejf** » 06 črc 2017 20:18

Dobrý den,

přikládám, launcher jsem nebyl schopnej stáhnout, takže jsem použil jen FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2017
Ran by David (administrator) on LAPTOP-FURA4EBM (06-07-2017 21:29:20)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: defaultuser0 & David)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(COMODO) C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-12] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6627720 2016-07-27] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4168296 2016-08-25] (Synaptics Incorporated)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [7690424 2017-04-01] (COMODO)
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-09-21]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-03-30]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{b27bbdbf-4c81-4eb1-9829-66bf96021acc}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1976776874-1411867160-1571642719-1001 -> {6A895CCA-1F48-4584-95B4-017D2CEED056} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2017-04-01] (COMODO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2017-04-01] (COMODO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-07-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-07-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2017-07-06]
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-20]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-30]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-20]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [3210936 2017-04-01] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc.)
R2 esifsvc; C:\windows\SysWoW64\esif_uf.exe [1419424 2016-07-05] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [373720 2016-12-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-12] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [258152 2016-08-25] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmdcss; C:\windows\system32\drivers\cmdcss.sys [126056 2017-03-31] (COMODO)
R1 cmderd; C:\windows\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\windows\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdhlp; C:\windows\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\windows\System32\drivers\dptf_cpu.sys [52208 2016-07-05] (Intel Corporation)
R3 dptf_pch; C:\windows\System32\drivers\dptf_pch.sys [50672 2016-07-05] (Intel Corporation)
R3 esif_lf; C:\windows\system32\DRIVERS\esif_lf.sys [260080 2016-07-05] (Intel Corporation)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R1 inspect; C:\windows\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [7237392 2016-07-31] (Intel Corporation)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek )
S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [416472 2016-07-08] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [60008 2016-08-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [64104 2016-08-25] (Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\system32\DRIVERS\WirelessButtonDriver64.sys [32832 2016-07-31] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-06 21:29 - 2017-07-06 21:29 - 00015702 _____ C:\Users\David\Desktop\FRST.txt
2017-07-06 21:29 - 2017-07-06 21:29 - 00000000 ____D C:\FRST
2017-07-06 21:05 - 2017-07-06 21:07 - 02436608 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2017-07-06 09:19 - 2017-07-06 09:20 - 65033984 _____ (Malwarebytes ) C:\Users\David\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-06 08:49 - 2017-07-06 09:17 - 00000000 ____D C:\AdwCleaner
2017-07-05 21:37 - 2017-07-06 08:48 - 04110280 _____ C:\Users\David\Desktop\adwcleaner_6.047.exe
2017-07-05 19:40 - 2017-07-06 01:28 - 3118381111 _____ C:\Users\David\Downloads\Mein.Blind.Date.mit.dem.Leben.2017.German.1080p.BluRay.x265-BluRHD.mkv
2017-07-02 22:19 - 2017-07-06 21:28 - 00632978 _____ C:\windows\system32\Drivers\fvstore.dat
2017-07-02 22:13 - 2017-07-06 21:15 - 00000000 ___HD C:\VTRoot
2017-07-02 21:58 - 2017-07-02 21:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-07-02 21:52 - 2017-07-02 21:52 - 00000000 ____D C:\Program Files\Microsoft Office
2017-07-02 21:51 - 2017-07-02 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-07-02 21:50 - 2017-07-02 21:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-07-02 18:20 - 2017-07-02 18:20 - 00000000 ____D C:\rsit
2017-07-02 18:20 - 2017-07-02 18:20 - 00000000 ____D C:\Program Files\trend micro
2017-07-02 18:19 - 2017-07-02 18:20 - 01222144 _____ C:\Users\David\Desktop\RSITx64.exe
2017-07-02 00:01 - 2017-07-02 21:33 - 00000000 ____D C:\Users\David\Desktop\záloha registru
2017-07-01 23:57 - 2017-07-01 23:57 - 00002870 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2017-07-01 23:57 - 2017-07-01 23:57 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-01 23:57 - 2017-07-01 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-01 23:57 - 2017-07-01 23:57 - 00000000 ____D C:\Program Files\CCleaner
2017-07-01 23:56 - 2017-07-01 23:57 - 09598376 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup531.exe
2017-07-01 20:42 - 2017-07-01 20:42 - 05365336 _____ (COMODO) C:\Users\David\Downloads\cispremium_installer_6100_08.exe
2017-06-29 09:46 - 2017-06-29 09:46 - 00000000 ___SD C:\windows\UpdateAssistantV2
2017-06-17 23:21 - 2017-06-18 00:08 - 730726400 _____ C:\Users\David\Downloads\11.22.63-S01E01-The-Rabbit-Hole-CZ-Titulky-Stephen-King...ID--154291.avi
2017-06-16 21:15 - 2017-06-03 12:50 - 00315744 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-06-16 21:15 - 2017-06-03 12:16 - 00279904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2017-06-16 21:15 - 2017-06-03 12:11 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-06-16 21:15 - 2017-06-03 12:09 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-06-16 21:15 - 2017-06-03 12:06 - 02048496 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-06-16 21:15 - 2017-06-03 11:59 - 01181024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2017-06-16 21:15 - 2017-06-03 11:59 - 00118112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-06-16 21:15 - 2017-06-03 11:58 - 00340832 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-06-16 21:15 - 2017-06-03 11:55 - 00780640 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2017-06-16 21:15 - 2017-06-03 11:54 - 00187232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2017-06-16 21:15 - 2017-06-03 11:52 - 01021784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxPackaging.dll
2017-06-16 21:15 - 2017-06-03 11:52 - 00607072 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-06-16 21:15 - 2017-06-03 11:52 - 00111968 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupApi.dll
2017-06-16 21:15 - 2017-06-03 11:50 - 00857440 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2017-06-16 21:15 - 2017-06-03 11:50 - 00381792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2017-06-16 21:15 - 2017-06-03 11:49 - 20967840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-06-16 21:15 - 2017-06-03 11:48 - 00857952 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-06-16 21:15 - 2017-06-03 11:48 - 00148832 _____ (Microsoft Corporation) C:\windows\system32\NetSetupApi.dll
2017-06-16 21:15 - 2017-06-03 11:45 - 22220864 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-06-16 21:15 - 2017-06-03 11:44 - 01412640 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-06-16 21:15 - 2017-06-03 11:44 - 00545944 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2017-06-16 21:15 - 2017-06-03 11:39 - 05686272 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-16 21:15 - 2017-06-03 11:39 - 02532192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-06-16 21:15 - 2017-06-03 11:33 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-06-16 21:15 - 2017-06-03 11:32 - 00002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2017-06-16 21:15 - 2017-06-03 11:31 - 00224256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExSMime.dll
2017-06-16 21:15 - 2017-06-03 11:31 - 00037376 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-06-16 21:15 - 2017-06-03 11:28 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-16 21:15 - 2017-06-03 11:28 - 00232448 _____ (Microsoft Corporation) C:\windows\SysWOW64\edputil.dll
2017-06-16 21:15 - 2017-06-03 11:26 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:15 - 2017-06-03 11:26 - 00100352 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBrokerUI.dll
2017-06-16 21:15 - 2017-06-03 11:23 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2017-06-16 21:15 - 2017-06-03 11:22 - 00181760 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpipcfg.dll
2017-06-16 21:15 - 2017-06-03 11:20 - 00755712 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-06-16 21:15 - 2017-06-03 11:19 - 01164288 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-06-16 21:15 - 2017-06-03 11:16 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-06-16 21:15 - 2017-06-03 11:16 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 18364928 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\musdialoghandlers.dll
2017-06-16 21:15 - 2017-06-03 11:15 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BasicRender.sys
2017-06-16 21:15 - 2017-06-03 11:14 - 00238592 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-06-16 21:15 - 2017-06-03 11:14 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-06-16 21:15 - 2017-06-03 11:14 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\MusNotificationUx.exe
2017-06-16 21:15 - 2017-06-03 11:12 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdProxy.dll
2017-06-16 21:15 - 2017-06-03 11:09 - 00441344 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2017-06-16 21:15 - 2017-06-03 11:08 - 02643968 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-06-16 21:15 - 2017-06-03 11:08 - 01221120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-06-16 21:15 - 2017-06-03 11:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2017-06-16 21:15 - 2017-06-03 11:07 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-06-16 21:15 - 2017-06-03 11:06 - 03664384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-06-16 21:15 - 2017-06-03 11:05 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-06-16 21:15 - 2017-06-03 11:05 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\hnetcfg.dll
2017-06-16 21:15 - 2017-06-03 11:04 - 02006528 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-06-16 21:15 - 2017-06-03 11:04 - 00773120 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-06-16 21:15 - 2017-06-03 11:03 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-06-16 21:15 - 2017-06-03 11:02 - 02997760 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-06-16 21:15 - 2017-06-03 10:54 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-06-16 21:15 - 2017-06-03 10:52 - 03403264 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-06-16 21:15 - 2017-06-03 10:51 - 00266752 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2017-06-16 21:15 - 2017-06-03 10:50 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-06-16 21:15 - 2017-06-03 10:49 - 00903680 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-06-16 21:15 - 2017-06-03 10:48 - 01131008 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-06-16 21:15 - 2017-06-03 10:48 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-06-16 21:15 - 2017-06-03 10:48 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-06-16 21:15 - 2017-06-03 10:40 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-06-16 21:15 - 2017-05-25 07:56 - 00038752 _____ (Microsoft Corporation) C:\windows\system32\OOBEUpdater.exe
2017-06-16 21:15 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-06-16 21:15 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-06-16 21:15 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2017-06-16 21:15 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\wpninprc.dll
2017-06-16 21:15 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2017-06-16 21:14 - 2017-06-03 12:50 - 00192856 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 01564512 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 01214816 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00629088 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00544096 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00379232 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00335712 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00334176 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00233824 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00136032 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00136024 _____ (Microsoft Corporation) C:\windows\system32\ImplatSetup.dll
2017-06-16 21:14 - 2017-06-03 12:14 - 00096608 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-06-16 21:14 - 2017-06-03 12:14 - 00034648 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2017-06-16 21:14 - 2017-06-03 12:11 - 00128864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-06-16 21:14 - 2017-06-03 12:08 - 07783256 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-06-16 21:14 - 2017-06-03 12:01 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-06-16 21:14 - 2017-06-03 11:59 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-06-16 21:14 - 2017-06-03 11:53 - 00404824 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-06-16 21:14 - 2017-06-03 11:51 - 02187104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-06-16 21:14 - 2017-06-03 11:51 - 00402272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-06-16 21:14 - 2017-06-03 11:49 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-06-16 21:14 - 2017-06-03 11:49 - 00509280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-06-16 21:14 - 2017-06-03 11:48 - 01112416 _____ (Microsoft Corporation) C:\windows\system32\AppxPackaging.dll
2017-06-16 21:14 - 2017-06-03 11:48 - 01100128 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2017-06-16 21:14 - 2017-06-03 11:48 - 00989024 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2017-06-16 21:14 - 2017-06-03 11:44 - 01600624 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-06-16 21:14 - 2017-06-03 11:40 - 01566552 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-06-16 21:14 - 2017-06-03 11:40 - 00628552 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2017-06-16 21:14 - 2017-06-03 11:39 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-06-16 21:14 - 2017-06-03 11:22 - 07217152 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-06-16 21:14 - 2017-06-03 11:18 - 22569984 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-06-16 21:14 - 2017-06-03 11:16 - 00002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2017-06-16 21:14 - 2017-06-03 11:15 - 19414016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-06-16 21:14 - 2017-06-03 11:14 - 00045056 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-06-16 21:14 - 2017-06-03 11:11 - 00353792 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\edputil.dll
2017-06-16 21:14 - 2017-06-03 11:10 - 00117760 _____ (Microsoft Corporation) C:\windows\system32\AuthBrokerUI.dll
2017-06-16 21:14 - 2017-06-03 11:09 - 00489472 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2017-06-16 21:14 - 2017-06-03 11:09 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\NetworkBindingEngineMigPlugin.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 12187648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-16 21:14 - 2017-06-03 11:08 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-06-16 21:14 - 2017-06-03 11:07 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\HNetCfgClient.dll
2017-06-16 21:14 - 2017-06-03 11:06 - 00198144 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-06-16 21:14 - 2017-06-03 11:04 - 06042624 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-06-16 21:14 - 2017-06-03 11:03 - 00932864 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-06-16 21:14 - 2017-06-03 11:01 - 00856064 _____ (Microsoft Corporation) C:\windows\system32\efscore.dll
2017-06-16 21:14 - 2017-06-03 11:00 - 23677440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-06-16 21:14 - 2017-06-03 10:58 - 00064512 _____ (Microsoft Corporation) C:\windows\system32\fdProxy.dll
2017-06-16 21:14 - 2017-06-03 10:56 - 13091840 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-06-16 21:14 - 2017-06-03 10:53 - 08125440 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-06-16 21:14 - 2017-06-03 10:52 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-06-16 21:14 - 2017-06-03 10:52 - 00975872 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-06-16 21:14 - 2017-06-03 10:52 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-06-16 21:14 - 2017-06-03 10:51 - 01418240 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-06-16 21:14 - 2017-06-03 10:50 - 04744704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 03615744 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-06-16 21:14 - 2017-06-03 10:49 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 02475520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 02318848 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 01845248 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-06-16 21:14 - 2017-06-03 10:49 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-06-16 21:14 - 2017-06-03 10:49 - 00351744 _____ (Microsoft Corporation) C:\windows\system32\hnetcfg.dll
2017-06-16 21:14 - 2017-06-03 10:48 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-06-16 21:14 - 2017-06-03 10:46 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-06-16 21:14 - 2017-06-03 08:08 - 00080078 _____ C:\windows\system32\normidna.nls
2017-06-10 21:29 - 2017-06-10 21:29 - 00079949 _____ C:\Users\David\Downloads\Closer(0000093404).srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-06 21:27 - 2017-03-20 20:36 - 00000000 __SHD C:\Users\David\IntelGraphicsProfiles
2017-07-06 21:27 - 2017-03-20 20:35 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-06 21:27 - 2016-07-29 14:32 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-07-06 21:26 - 2017-03-30 20:58 - 01474832 _____ C:\windows\system32\Drivers\sfi.dat
2017-07-06 21:26 - 2016-07-16 08:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-07-06 21:02 - 2016-09-21 20:40 - 01015724 _____ C:\windows\system32\perfh005.dat
2017-07-06 21:02 - 2016-09-21 20:40 - 00262014 _____ C:\windows\system32\perfc005.dat
2017-07-06 21:02 - 2016-07-29 14:37 - 02701638 _____ C:\windows\system32\PerfStringBackup.INI
2017-07-06 20:51 - 2017-03-30 21:31 - 00004212 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{99BDEA0B-AF7B-4B9D-9E5D-8EFE84F594CD}
2017-07-06 20:51 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-06 20:51 - 2016-07-16 13:47 - 00000000 ____D C:\windows\AppReadiness
2017-07-06 20:47 - 2016-07-29 14:32 - 00000000 ____D C:\windows\system32\SleepStudy
2017-07-06 08:15 - 2017-03-30 23:11 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2017-07-05 20:14 - 2016-07-16 13:47 - 00000000 ____D C:\windows\rescache
2017-07-05 15:36 - 2017-03-20 20:36 - 00000000 ____D C:\Users\David\AppData\Local\Packages
2017-07-02 22:01 - 2017-03-30 21:15 - 00000000 ____D C:\Users\David\AppData\Local\CrashDumps
2017-07-02 21:59 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-02 21:58 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-02 21:38 - 2016-07-16 13:45 - 00000000 ____D C:\windows\INF
2017-07-02 21:35 - 2017-03-20 20:50 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-02 21:35 - 2017-03-20 20:50 - 00002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-02 21:32 - 2017-03-30 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2017-07-02 21:32 - 2017-03-30 20:58 - 00000000 ____D C:\Program Files (x86)\COMODO
2017-07-02 21:32 - 2017-03-30 20:46 - 00000000 ____D C:\ProgramData\Comodo
2017-07-02 00:00 - 2016-07-29 15:23 - 00000000 ____D C:\windows\Panther
2017-07-01 23:40 - 2016-07-16 13:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-06-30 20:36 - 2016-07-16 08:04 - 00032768 _____ C:\windows\system32\config\ELAM
2017-06-29 09:48 - 2016-07-29 14:33 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-29 09:47 - 2017-03-20 20:35 - 00000000 ____D C:\Users\David
2017-06-29 09:47 - 2016-07-29 14:32 - 00417880 _____ C:\windows\system32\FNTCACHE.DAT
2017-06-29 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\appraiser
2017-06-29 09:46 - 2016-07-16 13:47 - 00000000 ____D C:\windows\ShellExperiences
2017-06-16 21:28 - 2017-04-01 23:18 - 00000000 ____D C:\windows\system32\MRT
2017-06-16 21:24 - 2017-04-01 23:18 - 133627792 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-06-16 21:24 - 2016-07-16 13:36 - 00000000 ____D C:\windows\CbsTemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-05 16:06

==================== End of FRST.txt ============================

d_ejf · #10 Příspěvek od **d_ejf** » 06 črc 2017 20:19

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2017
Ran by David (06-07-2017 21:30:31)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1607 (X64) (2017-03-20 18:35:09)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1976776874-1411867160-1571642719-500 - Administrator - Disabled)
David (S-1-5-21-1976776874-1411867160-1571642719-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1976776874-1411867160-1571642719-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1976776874-1411867160-1571642719-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1976776874-1411867160-1571642719-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{8364E10D-A3CF-079D-1420-A7A331B237B1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{AB90FB22-D1A5-26F3-587D-074A33D42913}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2C01681E-495A-9B1D-AA21-A739C3A62DF4}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{79CE410B-6303-FBAD-785B-02EE4BFA3DAD}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{31B36003-D27A-7CDA-DF50-BCE828D93A44}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{2BF9C3D6-E173-F96C-197F-631C6FB4DCDD}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{EEFA20BC-C86F-41EB-5196-6ADDA35A626B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{9485AE35-F8F4-17F0-2CE8-24E1456AAA34}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{F6045C87-8AD6-FB72-B6DA-F4C8E43B2A59}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{2E8EE528-7122-F2D6-710F-CAE0B366C2B1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{2645D671-6EF7-0D54-041B-03DE37AF506B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{D1D6801F-D256-DFD4-F3A3-6B3F2C93CC50}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{502E3D54-9585-B6CF-7BFC-6282E2918228}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{256FF888-8DEE-15A2-CE50-E9C2E9C19259}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{AE86C231-196E-D27F-59CF-65C909AC5DBA}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{887979E2-095B-2C6E-C8F1-86EAE93F9DB9}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{A41964C9-A0A0-9014-0C7F-0BBA9D181F16}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E27FEB2C-D441-D506-B15D-E6A3261E8897}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{212F82C4-1C8A-E77A-7323-7690998F9A24}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{77C9ACB4-0E04-649D-FDE1-C2532BD88010}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{7A9DF0F2-74DD-1B5A-D73A-FC0DD2BBF4AA}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
COMODO Internet Security Premium (HKLM\...\{67DA4459-33A8-4E69-9C7B-FB5CBADA60AB}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA413851}) (Version: 1.1.97.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.1.413851.97 - Comodo)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4.6912 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.1.3030 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.111.0 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{abae53e9-1af7-406f-a318-8f2097906f55}) (Version: 19.02.0000.4750 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A5D7BA33-DE92-4283-B885-14AE73400444}) (Version: 19.01.1627.3533 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d9719db8-d532-496c-9f2b-eeb1f69f7d89}) (Version: 10.1.1.34 - Intel(R) Corporation) Hidden
Microsoft Office Standard 2013 - cs-cz (HKLM\...\StandardRetail - cs-cz) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Office Standard 2013 - en-us (HKLM\...\StandardRetail - en-us) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Project Standard 2013 - cs-cz (HKLM\...\ProjectStdRetail - cs-cz) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Project Standard 2013 - en-us (HKLM\...\ProjectStdRetail - en-us) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Visio Standard 2013 - cs-cz (HKLM\...\VisioStdRetail - cs-cz) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Visio Standard 2013 - en-us (HKLM\...\VisioStdRetail - en-us) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
PX Profile Update (HKLM-x32\...\{840C254A-A6CE-30AF-9AAF-6C02C108A3AA}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7898 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
ContextMenuHandlers01: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-04-23] (COMODO)
ContextMenuHandlers02: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-04-23] (COMODO)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-07-27] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2016-12-08] (Intel Corporation)
ContextMenuHandlers06: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2017-04-23] (COMODO)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9580D5-EE67-464F-9D31-C2F4A5B7F0F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {267DABFC-2139-4238-851E-E1902276BC59} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {318BAFE4-F7F5-4290-AD4B-361761BB61A0} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {367D45EF-69EE-45A3-819C-3E73776FF792} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {3A11FB08-1F42-44E9-A8DB-616BA702012D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {3E558469-EB3C-4802-8EA5-E694508C34DB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {44EFC61F-51AE-45ED-8CC5-358D0C38F05E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {494CD5D6-00E4-4D2E-B03E-A5F3217828FA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {51FBD747-2845-416D-9AC6-69A9BE2F176F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {6937F3F1-2818-41DB-A446-A5BCD09B773F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {6EBF8E90-9697-4A8C-8119-065992E1F715} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {6EDFE4F0-46EA-4B9C-B93A-1F1C24BB07F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20] (Google Inc.)
Task: {7BCF3E4D-4514-4B2D-BDFB-6F1BBD2A846B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20] (Google Inc.)
Task: {8A6BE3A9-77CA-46B4-9D16-901680F23FE2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-20] (Dropbox, Inc.)
Task: {9A40B246-2796-4BF0-9367-D796810B850C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {A88721D4-FBC4-499C-8B18-A3DA3E91E3BA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-07-02] (Microsoft Corporation)
Task: {BB0E411C-F8B7-4895-92CA-7EBE4F2A34D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-07-02] (Microsoft Corporation)
Task: {ED015AD3-4C08-4D10-B492-2CA13E4ADCA0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-20] (Dropbox, Inc.)
Task: {F406D056-58ED-43D9-8AB9-C9DB5B11CA70} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {F4EFD016-F7B2-4DFB-90FC-5A0E349AEEFB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2017-06-16 21:14 - 2017-06-03 12:01 - 02681200 _____ () C:\windows\system32\CoreUIComponents.dll
2016-12-28 00:17 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2016-12-28 00:16 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2016-12-28 00:16 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2016-03-16 10:25 - 2016-03-16 10:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-07-02 21:50 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-03-30 21:05 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-30 21:02 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-30 21:04 - 2017-03-04 08:12 - 09760768 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-30 21:04 - 2017-03-04 08:05 - 01401856 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-30 21:03 - 2017-03-04 08:05 - 00757248 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-16 21:14 - 2017-06-03 10:47 - 02424320 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-16 21:14 - 2017-06-03 10:51 - 04853760 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-30 21:10 - 2017-03-30 21:10 - 12485120 _____ () C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6\HPJumpStart.dll
2017-03-30 21:04 - 2017-03-04 08:04 - 00114176 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-06-13 15:08 - 2017-06-13 15:08 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-07-02 21:50 - 2017-07-02 21:50 - 00402624 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{28B27D2E-F8CC-42E8-8C0F-79300FD63479}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{01B93BFB-1DB7-408C-812F-9839B397F667}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{74D2D4DD-408E-47D9-9ABE-B62E1029410F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{1F0A04D7-A8A3-4041-ACF8-649A8814E942}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{59BD5CBC-DA30-475A-9AA2-4665C14B4F24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [TCP Query User{DFAC887D-DE1F-40B0-9328-F5CFF2C24A82}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe
FirewallRules: [UDP Query User{603C6849-3012-4B2E-A95D-A96687929CD0}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe
FirewallRules: [{60068779-9CF1-4D74-AC5F-088B75629A0C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe
FirewallRules: [{4FC64AB5-D44B-4160-9E10-6FB4C84D0B1C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe
FirewallRules: [{FB94AFD9-966D-40B6-80AB-78F72542056C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E28EF7E4-79DB-4375-ABAF-F085F19FA560}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe

==================== Restore Points =========================

16-06-2017 21:16:53 Windows Update
27-06-2017 22:11:41 Naplánovaný kontrolní bod
05-07-2017 20:10:43 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2017 08:10:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/05/2017 03:01:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-FURA4EBM)
Description: Aplikaci AD2F1837.HPJumpStart_v10z8vjag6ke6!App se nepovedlo aktivovat, protože došlo k chybě: -2147024865. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/02/2017 10:01:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x18bc
Čas spuštění chybující aplikace: 0x01d2f36df6eed4ef
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 2d593950-fcf1-4979-9daf-a78e0e1b9b1e
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 10:01:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x18bc
Čas spuštění chybující aplikace: 0x01d2f36df6eed4ef
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f2fe7a5e-338c-4cf1-9a34-80ef97644172
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 10:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x18bc
Čas spuštění chybující aplikace: 0x01d2f36df6eed4ef
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: dd5a2793-9973-4bc8-a3cc-f31abe7f1db7
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 10:01:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x18bc
Čas spuštění chybující aplikace: 0x01d2f36df6eed4ef
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 79e30ce5-b16b-46a7-b752-8d4a9c977bbc
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 09:43:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d2f36b749a3de0
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 19323df1-e63f-45fe-9d04-16a0587d081e
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 09:43:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d2f36b749a3de0
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d5e9b8a8-0e08-4613-aeed-448d21821c18
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 09:43:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000604
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d2f36b749a3de0
Cesta k chybující aplikaci: C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9c96a826-72fe-4799-ab31-b8de2e056508
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (07/02/2017 08:43:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-FURA4EBM)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

System errors:
=============
Error: (07/06/2017 09:29:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (07/06/2017 09:28:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 09:27:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 09:26:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 09:08:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 09:00:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Defender neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (07/06/2017 08:58:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 08:57:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 01:01:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/06/2017 12:39:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

CodeIntegrity:
===================================
Date: 2017-07-06 21:29:31.127
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-07-06 21:29:27.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-06 21:27:43.653
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-06 21:27:32.022
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2017-07-06 21:27:17.998
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2017-07-06 21:27:17.618
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\cssguard32.dll that did not meet the Windows signing level requirements.

Date: 2017-07-06 21:01:16.604
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-06 21:00:19.695
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-07-06 21:00:15.494
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-07-06 20:58:23.040
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cssguard64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 43%
Total physical RAM: 8104.07 MB
Available physical RAM: 4592.05 MB
Total Virtual: 9384.07 MB
Available Virtual: 5436.3 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:223.08 GB) (Free:77.22 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.17 GB) (Free:1.7 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 243DDDE8)

Partition: GPT.

==================== End of Addition.txt ============================

#11 Příspěvek od **Márty84** » 07 črc 2017 13:46

Logy neukazuji nic zvlastniho.

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

d_ejf · #12 Příspěvek od **d_ejf** » 15 črc 2017 07:19

Dobrý den, moc děkuji za pomoc!

Aktuálně mi přijde vše ok.

#13 Příspěvek od **Márty84** » 16 črc 2017 12:47

To jsem rad

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu - dlouhý log - 3 posty

Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty

Re: Prosím o kontrolu - dlouhý log - 3 posty