Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
tvarohak
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 26 dub 2015 19:36

Prosím preventivka

#1 Příspěvek od tvarohak »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Jakub (administrator) on ASUS (08-11-2017 20:22:19)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 10 Home Version 1607 14393.1770 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
Failed to access process -> explorer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Jakub\Desktop\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-13] (AVAST Software)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8e32880e-1f1f-4a9c-b520-eb6b0ea008cf}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b793d6cc-0e97-47d2-b326-8bca3cde91cd}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
DPF: HKLM-x32 {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://slkostelcam.coolnet.cz/AVC_AX_764.cab

FireFox:
========
FF DefaultProfile: v1d9bxxy.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\v1d9bxxy.default [2017-11-08]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2017-11-08]
CHR Extension: (Prezentace) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-13] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-13] (AVAST Software)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-13] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-29] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-13] (AVAST Software)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-07-07] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-08 20:22 - 2017-11-08 20:22 - 000013201 _____ C:\Users\Jakub\Desktop\FRST.txt
2017-11-08 20:17 - 2017-11-08 20:22 - 000000000 ____D C:\FRST
2017-11-08 20:16 - 2017-11-08 20:16 - 002403328 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64 (1).exe
2017-11-08 20:16 - 2017-11-08 20:16 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-03 19:54 - 2017-11-03 19:54 - 000000000 ___HD C:\OneDriveTemp
2017-10-18 19:56 - 2017-04-21 22:53 - 000029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-10-18 19:56 - 2017-04-21 22:53 - 000018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-10-18 19:56 - 2017-04-21 22:50 - 000030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-10-18 19:56 - 2017-04-21 22:50 - 000018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-10-13 20:08 - 2017-10-13 20:08 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-13 20:03 - 2017-09-18 04:27 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-10-13 20:03 - 2017-09-18 04:03 - 000791272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-13 20:03 - 2017-09-18 03:59 - 000341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-13 20:03 - 2017-09-18 03:55 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-13 20:03 - 2017-09-18 03:55 - 001431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 006672680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 004023560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-10-13 20:03 - 2017-09-18 03:52 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-10-13 20:03 - 2017-09-18 03:51 - 000178016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-13 20:03 - 2017-09-18 03:49 - 001412128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-13 20:03 - 2017-09-18 03:49 - 001260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-13 20:03 - 2017-09-18 03:31 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-13 20:03 - 2017-09-18 03:31 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-10-13 20:03 - 2017-09-18 03:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-13 20:03 - 2017-09-18 03:28 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-13 20:03 - 2017-09-18 03:28 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-10-13 20:03 - 2017-09-18 03:27 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-10-13 20:03 - 2017-09-18 03:26 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-10-13 20:03 - 2017-09-18 03:26 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-10-13 20:03 - 2017-09-18 03:25 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-13 20:03 - 2017-09-18 03:24 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-13 20:03 - 2017-09-18 03:24 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-10-13 20:03 - 2017-09-18 03:24 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-13 20:03 - 2017-09-18 03:23 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-10-13 20:03 - 2017-09-18 03:23 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-10-13 20:03 - 2017-09-18 03:23 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-13 20:03 - 2017-09-18 03:23 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-10-13 20:03 - 2017-09-18 03:22 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-13 20:03 - 2017-09-18 03:22 - 001137664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-13 20:03 - 2017-09-18 03:20 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-13 20:03 - 2017-09-18 03:20 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-10-13 20:03 - 2017-09-18 03:19 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-10-13 20:03 - 2017-09-18 03:18 - 007470592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-13 20:03 - 2017-09-18 03:14 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-10-13 20:03 - 2017-09-18 03:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-13 20:03 - 2017-09-14 23:49 - 001202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-10-13 20:03 - 2017-09-14 23:26 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-10-13 20:03 - 2017-03-04 07:28 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-10-13 20:03 - 2017-03-04 07:24 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-13 20:03 - 2017-03-04 07:23 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-10-13 20:03 - 2017-03-04 07:00 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-10-13 20:03 - 2017-03-04 07:00 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-10-13 20:02 - 2017-09-18 04:09 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-13 20:02 - 2017-09-18 04:09 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-13 20:02 - 2017-09-18 04:09 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-13 20:02 - 2017-09-18 04:08 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-13 20:02 - 2017-09-18 04:05 - 001177688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-13 20:02 - 2017-09-18 04:05 - 000497424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-13 20:02 - 2017-09-18 04:05 - 000172536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-13 20:02 - 2017-09-18 04:04 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-13 20:02 - 2017-09-18 04:04 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-13 20:02 - 2017-09-18 04:02 - 007213464 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-13 20:02 - 2017-09-18 04:02 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-10-13 20:02 - 2017-09-18 04:00 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-10-13 20:02 - 2017-09-18 03:59 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-13 20:02 - 2017-09-18 03:59 - 008173672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-13 20:02 - 2017-09-18 03:59 - 004260072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-13 20:02 - 2017-09-18 03:59 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-10-13 20:02 - 2017-09-18 03:59 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-10-13 20:02 - 2017-09-18 03:56 - 000057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-13 20:02 - 2017-09-18 03:54 - 001980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-10-13 20:02 - 2017-09-18 03:49 - 001435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-13 20:02 - 2017-09-18 03:48 - 000117792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-13 20:02 - 2017-09-18 03:36 - 022570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-13 20:02 - 2017-09-18 03:35 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-10-13 20:02 - 2017-09-18 03:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-10-13 20:02 - 2017-09-18 03:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-13 20:02 - 2017-09-18 03:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-10-13 20:02 - 2017-09-18 03:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-13 20:02 - 2017-09-18 03:32 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-13 20:02 - 2017-09-18 03:31 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-10-13 20:02 - 2017-09-18 03:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-13 20:02 - 2017-09-18 03:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-13 20:02 - 2017-09-18 03:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-10-13 20:02 - 2017-09-18 03:29 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-13 20:02 - 2017-09-18 03:29 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-10-13 20:02 - 2017-09-18 03:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-10-13 20:02 - 2017-09-18 03:29 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-10-13 20:02 - 2017-09-18 03:28 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-13 20:02 - 2017-09-18 03:28 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-10-13 20:02 - 2017-09-18 03:28 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-13 20:02 - 2017-09-18 03:27 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-10-13 20:02 - 2017-09-18 03:27 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-13 20:02 - 2017-09-18 03:27 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-10-13 20:02 - 2017-09-18 03:27 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-13 20:02 - 2017-09-18 03:27 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-10-13 20:02 - 2017-09-18 03:27 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-13 20:02 - 2017-09-18 03:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-13 20:02 - 2017-09-18 03:26 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-10-13 20:02 - 2017-09-18 03:25 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-10-13 20:02 - 2017-09-18 03:24 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-13 20:02 - 2017-09-18 03:24 - 002103808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-13 20:02 - 2017-09-18 03:24 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-10-13 20:02 - 2017-09-18 03:24 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-13 20:02 - 2017-09-18 03:24 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-13 20:02 - 2017-09-18 03:23 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-10-13 20:02 - 2017-09-18 03:23 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-13 20:02 - 2017-09-18 03:20 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-13 20:02 - 2017-09-18 03:20 - 019414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-13 20:02 - 2017-09-18 03:20 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-10-13 20:02 - 2017-09-18 03:20 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-10-13 20:02 - 2017-09-18 03:19 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-13 20:02 - 2017-09-18 03:19 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-13 20:02 - 2017-09-18 03:19 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-13 20:02 - 2017-09-18 03:18 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-13 20:02 - 2017-09-18 03:18 - 001145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-10-13 20:02 - 2017-09-18 03:18 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-13 20:02 - 2017-09-18 03:17 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-13 20:02 - 2017-09-18 03:17 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-13 20:02 - 2017-09-18 03:17 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-10-13 20:02 - 2017-09-18 03:16 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-10-13 20:02 - 2017-09-18 03:16 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-10-13 20:02 - 2017-09-18 03:15 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-10-13 20:02 - 2017-09-18 03:15 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-10-13 20:02 - 2017-09-18 03:14 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000983552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-10-13 20:02 - 2017-09-18 03:14 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-10-13 20:02 - 2017-09-18 03:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-10-13 20:02 - 2017-09-18 03:13 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2017-10-13 20:02 - 2017-09-18 03:12 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-10-13 20:02 - 2017-09-18 03:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-13 20:02 - 2017-09-18 03:12 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-10-13 20:02 - 2017-09-18 03:11 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-10-13 20:02 - 2017-09-18 03:11 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-13 20:02 - 2017-09-15 00:05 - 001302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-10-13 20:02 - 2017-09-14 23:59 - 000096064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-10-13 20:02 - 2017-09-14 23:52 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-10-13 20:02 - 2017-09-14 23:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-13 20:02 - 2017-09-14 23:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2017-10-13 20:02 - 2017-09-14 23:32 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-13 20:02 - 2017-09-14 23:31 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB7.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-13 20:02 - 2017-09-14 23:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-13 20:02 - 2017-09-14 23:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-13 20:02 - 2017-09-14 23:28 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-13 20:02 - 2017-09-14 23:27 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-13 20:02 - 2017-09-14 23:26 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-10-13 20:02 - 2017-09-14 23:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2017-10-13 20:02 - 2017-09-14 23:25 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-10-13 20:02 - 2017-09-14 23:24 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-13 20:02 - 2017-09-14 23:22 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-10-13 20:02 - 2017-09-14 23:22 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-10-13 20:02 - 2017-09-14 23:18 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-13 20:02 - 2017-09-14 23:18 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2017-10-13 20:02 - 2017-09-14 23:16 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2017-10-13 20:02 - 2017-09-14 23:15 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-13 20:02 - 2017-09-14 03:04 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-13 20:02 - 2017-09-14 03:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-13 20:02 - 2017-09-14 03:04 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-13 20:02 - 2017-03-04 07:23 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-10-13 20:02 - 2017-03-04 07:16 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-10-13 20:02 - 2016-08-27 06:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-13 20:01 - 2017-09-18 04:17 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-10-13 20:01 - 2017-09-18 04:17 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-10-13 20:01 - 2017-09-18 04:17 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-10-13 20:01 - 2017-09-18 04:09 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-13 20:01 - 2017-09-18 04:08 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-13 20:01 - 2017-09-18 04:05 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-10-13 20:01 - 2017-09-18 04:04 - 000404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-13 20:01 - 2017-09-18 04:01 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-10-13 20:01 - 2017-09-18 04:01 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-13 20:01 - 2017-09-18 04:01 - 000431456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-10-13 20:01 - 2017-09-18 04:01 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-13 20:01 - 2017-09-18 03:59 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-10-13 20:01 - 2017-09-18 03:58 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-13 20:01 - 2017-09-18 03:58 - 000206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-13 20:01 - 2017-09-18 03:57 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-13 20:01 - 2017-09-18 03:57 - 001460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-13 20:01 - 2017-09-18 03:57 - 001415712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-13 20:01 - 2017-09-18 03:33 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2017-10-13 20:01 - 2017-09-18 03:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-13 20:01 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2017-10-13 20:01 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2017-10-13 20:01 - 2017-09-18 03:31 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000174592 _____ C:\WINDOWS\system32\IHDS.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StaticDictDS.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-10-13 20:01 - 2017-09-18 03:30 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2017-10-13 20:01 - 2017-09-18 03:29 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-13 20:01 - 2017-09-18 03:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2017-10-13 20:01 - 2017-09-18 03:28 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2017-10-13 20:01 - 2017-09-18 03:28 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsPinyinRanker.dll
2017-10-13 20:01 - 2017-09-18 03:28 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2017-10-13 20:01 - 2017-09-18 03:28 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-13 20:01 - 2017-09-18 03:28 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimeChsPinyinMainDS.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-10-13 20:01 - 2017-09-18 03:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2017-10-13 20:01 - 2017-09-18 03:26 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-13 20:01 - 2017-09-18 03:26 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-10-13 20:01 - 2017-09-18 03:25 - 001914368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-13 20:01 - 2017-09-18 03:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-13 20:01 - 2017-09-18 03:25 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-13 20:01 - 2017-09-18 03:25 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-10-13 20:01 - 2017-09-18 03:24 - 001584640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-13 20:01 - 2017-09-18 03:23 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-10-13 20:01 - 2017-09-18 03:22 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-10-13 20:01 - 2017-09-18 03:22 - 003291648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-10-13 20:01 - 2017-09-18 03:22 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-10-13 20:01 - 2017-09-18 03:22 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-13 20:01 - 2017-09-18 03:22 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-13 20:01 - 2017-09-18 03:21 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-13 20:01 - 2017-09-18 03:19 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-10-13 20:01 - 2017-09-18 03:19 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2017-10-13 20:01 - 2017-09-18 03:18 - 012204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-13 20:01 - 2017-09-18 03:18 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-13 20:01 - 2017-09-18 03:18 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-13 20:01 - 2017-09-18 03:18 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-13 20:01 - 2017-09-18 03:18 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-13 20:01 - 2017-09-18 03:17 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-13 20:01 - 2017-09-18 03:16 - 004743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-13 20:01 - 2017-09-18 03:16 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 001231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-13 20:01 - 2017-09-18 03:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-13 20:01 - 2017-09-18 03:14 - 002321408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 001518080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-13 20:01 - 2017-09-18 03:14 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-13 20:01 - 2017-09-18 03:14 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-10-13 20:01 - 2017-09-18 03:13 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-10-13 20:01 - 2017-09-18 03:13 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-13 20:01 - 2017-09-18 03:13 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-13 20:01 - 2017-09-18 03:13 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2017-10-13 20:01 - 2017-09-18 03:11 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2017-10-13 20:01 - 2017-09-18 03:11 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2017-10-13 20:01 - 2017-09-18 03:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2017-10-13 20:01 - 2017-09-15 00:14 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-10-13 20:01 - 2017-09-14 23:32 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7.dll
2017-10-13 20:01 - 2017-09-14 23:32 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-13 20:01 - 2017-09-14 23:32 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-13 20:01 - 2017-09-14 23:31 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-13 20:01 - 2017-09-14 23:31 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-13 20:01 - 2017-09-14 23:29 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-10-13 20:01 - 2017-09-14 23:25 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-10-13 20:01 - 2017-09-14 23:24 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2017-10-13 20:01 - 2017-09-14 23:23 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-13 20:01 - 2017-09-14 23:22 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-13 20:01 - 2017-09-14 23:20 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-13 20:01 - 2017-09-14 23:19 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-10-13 20:01 - 2017-09-14 23:19 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-10-13 20:01 - 2017-03-04 08:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-10-13 20:01 - 2017-03-04 07:11 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-10-13 20:01 - 2017-03-04 07:07 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-10-13 19:10 - 2017-10-13 19:10 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-08 20:21 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2017-11-08 20:14 - 2016-07-16 23:25 - 000752770 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-08 20:14 - 2016-07-16 23:25 - 000176012 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-08 20:14 - 2015-11-16 22:00 - 002013520 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-08 20:10 - 2017-04-17 11:56 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-11-08 20:10 - 2016-09-24 17:37 - 000002332 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2017-11-08 20:10 - 2016-09-24 17:37 - 000002258 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2017-11-08 20:10 - 2016-09-24 17:37 - 000002248 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2017-11-08 20:10 - 2016-09-24 17:37 - 000002130 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2017-11-08 20:10 - 2016-09-24 17:37 - 000002114 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-11-08 20:10 - 2015-06-28 15:21 - 000000074 _____ C:\Users\Jakub\AppData\Roaming\sp_data.sys
2017-11-08 20:09 - 2016-09-24 17:37 - 000002332 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2017-11-08 20:09 - 2016-09-24 17:37 - 000002068 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2017-11-08 20:08 - 2015-11-16 22:12 - 000000000 __SHD C:\Users\Jakub\IntelGraphicsProfiles
2017-11-08 20:07 - 2016-09-24 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-08 20:06 - 2016-07-16 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-08 20:05 - 2016-09-24 17:13 - 000000000 ____D C:\Users\Jakub
2017-11-08 19:58 - 2016-09-24 17:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-03 21:29 - 2017-10-04 19:12 - 000000000 ____D C:\Program Files\rempl
2017-11-03 21:24 - 2015-07-05 18:21 - 000000000 ___RD C:\Users\Jakub\OneDrive
2017-11-03 19:53 - 2017-07-29 19:37 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3768943390-3512815649-1483587873-1001
2017-11-03 19:53 - 2015-11-16 22:20 - 000002429 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 19:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-01 20:23 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-29 13:00 - 2015-06-28 15:52 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-10-25 19:06 - 2015-06-28 16:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-25 19:03 - 2016-09-24 17:06 - 000194440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-18 20:56 - 2016-07-16 12:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-18 20:56 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-18 20:56 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-18 20:17 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-18 19:52 - 2016-07-16 07:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-18 19:37 - 2015-07-27 16:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-10-13 20:40 - 2016-07-16 12:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-10-13 20:12 - 2015-06-30 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-13 20:08 - 2015-06-30 20:07 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-13 19:11 - 2017-06-27 16:26 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-13 19:11 - 2017-02-15 20:07 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-13 19:10 - 2015-06-28 15:52 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-13 19:10 - 2015-06-28 15:52 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-13 19:10 - 2015-06-28 15:49 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-13 19:09 - 2017-02-15 20:07 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-13 19:09 - 2017-02-15 20:07 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-13 19:09 - 2017-02-15 20:07 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-13 19:09 - 2017-02-15 20:07 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-12 23:27 - 2016-07-16 12:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-12 23:27 - 2016-07-16 12:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-06-28 15:21 - 2017-11-08 20:10 - 000000074 _____ () C:\Users\Jakub\AppData\Roaming\sp_data.sys
2015-11-26 18:17 - 2015-11-26 18:17 - 000000017 _____ () C:\Users\Jakub\AppData\Local\resmon.resmoncfg
2013-05-01 12:15 - 2012-09-07 12:40 - 000000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 000024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-01 21:39

==================== End of FRST.txt ============================

tvarohak
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 26 dub 2015 19:36

Re: Prosím preventivka

#2 Příspěvek od tvarohak »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Jakub (08-11-2017 20:23:51)
Running from C:\Users\Jakub\Desktop
Windows 10 Home Version 1607 14393.1770 (X64) (2016-09-24 16:44:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3768943390-3512815649-1483587873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3768943390-3512815649-1483587873-503 - Limited - Disabled)
Guest (S-1-5-21-3768943390-3512815649-1483587873-501 - Limited - Disabled)
Jakub (S-1-5-21-3768943390-3512815649-1483587873-1001 - Administrator - Enabled) => C:\Users\Jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Azteca (HKLM-x32\...\WTA-2f3263a5-c48e-44bb-8641-562ea5476a87) (Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-2f1b39cc-83cd-4559-b10f-61626726b133) (Version: 2.2.0.97 - WildTangent) Hidden
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Cut the Rope (HKLM-x32\...\WTA-1137fe53-d992-40ce-a7c1-592d61593a12) (Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Peggle (HKLM-x32\...\WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1) (Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d) (Version: 2.2.0.98 - WildTangent) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of Lagoona (HKLM-x32\...\WTA-6c851d85-eca4-4ecf-853a-81473e512af5) (Version: 2.2.0.110 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{17515373-7495-4995-9089-B7D6DF455C38}) (Version: 2.6.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.5 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3768943390-3512815649-1483587873-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\stažené\Winrar\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\stažené\Winrar\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-13] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\stažené\Winrar\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\stažené\Winrar\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D048788-533F-4767-96F2-76A70B85E73A} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe
Task: {18E0C632-ADC2-4EFA-9E39-BF279D2C6FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {1D56DE3E-0581-4360-8667-F57F4A1FFF6A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {1EB439DB-6B6F-491B-8B7A-540B9534DD3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {22B8200F-26C4-45CD-AAFF-BA28D2D1E9A9} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {288B9EB9-305F-47EE-8FDE-7831D757373C} - System32\Tasks\SafeZone scheduled Autoupdate 1461596361 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {2A2608AC-CA79-421A-AEB6-E39BAFF161D9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {396E7764-CFA8-4232-86C0-3A0909A58EAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {4076310E-334F-415F-B2CD-A3B495BF527B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-13] (AVAST Software)
Task: {4E1DB559-968E-4495-9994-382103AB5C3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4EC83FEA-DB01-45F1-B88A-EC06C90176B1} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {5038FA04-4C37-4252-A4B8-59365EE3D9B2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {67DA9FFF-1361-4672-8521-CC89DB786D76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {748BDBB3-F881-4370-AE5C-706E7A172102} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {8FC5FE53-5388-46EC-8D95-D4331FD9DFA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {91789012-028B-46F5-9064-AC475063B439} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {95D3933A-429A-4CD7-B7BB-35C0D4590E6F} - \WPD\SqmUpload_S-1-5-21-3768943390-3512815649-1483587873-1001 -> No File <==== ATTENTION
Task: {A2889697-5698-49E5-9F6E-15C162C2AA66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {B0980F8F-DBEC-46E3-A8CF-44464D6AE353} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {B5F845EA-7090-4047-86AD-4D6510091246} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-08] (Microsoft Corporation)
Task: {C2BB92AB-D60D-4AB5-AACE-F44DE806962E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-23 14:48 - 2017-09-07 07:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-24 17:55 - 2016-09-24 17:55 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 21:12 - 2017-03-04 07:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 21:13 - 2017-03-04 07:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 21:13 - 2017-03-04 07:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 21:13 - 2017-03-04 07:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-10-13 20:02 - 2017-09-18 03:14 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-10-13 20:02 - 2017-09-18 03:16 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-12-19 07:10 - 2012-12-19 07:10 - 000072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2017-10-25 19:22 - 2017-10-25 19:24 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-25 19:22 - 2017-10-25 19:24 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-25 19:22 - 2017-10-25 19:24 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-25 19:22 - 2017-10-25 19:24 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-10-25 19:22 - 2017-10-25 19:24 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2012-08-24 17:26 - 2012-08-24 17:26 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-08-26 19:25 - 2016-08-26 19:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-10-13 19:09 - 2017-10-13 19:09 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-13 19:09 - 2017-10-13 19:09 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-29 19:34 - 2017-07-29 19:34 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-13 19:10 - 2017-10-13 19:10 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-13 19:10 - 2017-10-13 19:10 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-13 19:09 - 2017-10-13 19:09 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-25 19:13 - 2017-10-25 19:13 - 000703336 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2013-07-30 17:47 - 2012-06-25 10:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-09-23 14:35 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\skoda-fabia-r5-2015-1.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{47086E7B-0352-42A7-913D-A6066E97E82C}D:\call of duty 4 modern warfare\iw3mp.exe] => (Block) D:\call of duty 4 modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{69691007-177C-4C13-8C26-348AE5F485E7}D:\call of duty 4 modern warfare\iw3mp.exe] => (Block) D:\call of duty 4 modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{49EAB404-DE66-4567-A01B-46A3C343C8A5}D:\stažené\cod 5\codwaw.exe] => (Block) D:\stažené\cod 5\codwaw.exe
FirewallRules: [TCP Query User{40A0A809-7944-4A89-9E9F-FEFD151CF194}D:\stažené\cod 5\codwaw.exe] => (Block) D:\stažené\cod 5\codwaw.exe
FirewallRules: [{075A4F28-4C29-4F00-8A1A-8F9D4F92CD88}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4852027A-47DC-4EAD-9D92-941A69CFC71E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{ED47EE4B-2F5E-487E-A08B-B133988AC2E4}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{F571F071-09CB-4EE7-8AFD-CD8849DE4B2A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{B26A75DB-4604-4E2F-8711-CA18A79C75E8}D:\stažené\call of duty 2\cod2mp_s.exe] => (Block) D:\stažené\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{B7F2F34B-1D12-46E6-A654-9655B60779F8}D:\stažené\call of duty 2\cod2mp_s.exe] => (Block) D:\stažené\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{FD978CC3-9EED-4CA3-A90C-B0DD2A784958}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{151534BA-9E9B-403A-BFB4-59BDA2E90AD5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{E99C9FB4-82FA-4EF0-819B-B14E48516890}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{69DAE441-724E-4575-AD61-BE181F15C2D5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [TCP Query User{00CD9F41-8DFF-4F4B-8224-6CC474AF07FD}D:\stažené\cod 5\codwawmp.exe] => (Block) D:\stažené\cod 5\codwawmp.exe
FirewallRules: [UDP Query User{DEE55550-3072-45F6-861F-F4325B6DF145}D:\stažené\cod 5\codwawmp.exe] => (Block) D:\stažené\cod 5\codwawmp.exe
FirewallRules: [{2D27E74E-CF83-4D49-BA92-5F6587EECF85}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{803A85CF-188C-48D8-89EC-7ADA0F62E0B9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{66AEFE93-CC66-4A2F-B7D1-62AF9B4AED9C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-09-2017 21:40:53 Naplánovaný kontrolní bod
04-10-2017 19:11:51 Windows Update
13-10-2017 20:07:14 Windows Update
18-10-2017 19:54:21 Windows Update
29-10-2017 13:01:59 Windows Update
03-11-2017 21:29:04 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2017 08:08:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.14393.1532, časové razítko: 0x5965adb0
Název chybujícího modulu: windows.immersiveshell.serviceprovider.dll, verze: 10.0.14393.1593, časové razítko: 0x5980caee
Kód výjimky: 0x80270233
Posun chyby: 0x0000000000033c25
ID chybujícího procesu: 0x1118
Čas spuštění chybující aplikace: 0x01d358c4e511e131
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
ID zprávy: 7437e7d3-dc72-438c-a659-c9580c14cde8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 09:29:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/01/2017 08:03:51 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {2CD39202-3A2F-4935-9A86-65B919919A7F} byla odmítnuta.

Error: (10/29/2017 01:02:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/18/2017 07:54:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/13/2017 08:12:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/13/2017 08:07:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/04/2017 07:12:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (10/04/2017 07:07:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AsusTPCenter.exe, verze: 1.0.0.87, časové razítko: 0x56b050c0
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.1532, časové razítko: 0x5965abad
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002f5d9
ID chybujícího procesu: 0x29a0
Čas spuštění chybující aplikace: 0x01d3394f89cebcab
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b5361c91-a5a1-415a-b096-eb9df25368bd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/27/2017 09:41:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (11/08/2017 08:12:51 PM) (Source: DCOM) (EventID: 10016) (User: ASUS)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli Asus\Jakub (SID: S-1-5-21-3768943390-3512815649-1483587873-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c – SID (S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:10:50 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/08/2017 08:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:07:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:07:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:05:16 PM) (Source: DCOM) (EventID: 10010) (User: ASUS)
Description: Server {260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/08/2017 08:04:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/08/2017 08:02:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 41%
Total physical RAM: 3981.74 MB
Available physical RAM: 2315.7 MB
Total Virtual: 4685.74 MB
Available Virtual: 2992.14 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:147.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:210.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 32FAA5A0)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím preventivka

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tvarohak
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 26 dub 2015 19:36

Re: Prosím preventivka

#4 Příspěvek od tvarohak »

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 11 19:04:16 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/11 19:3:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím preventivka

#5 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {396E7764-CFA8-4232-86C0-3A0909A58EAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {18E0C632-ADC2-4EFA-9E39-BF279D2C6FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {95D3933A-429A-4CD7-B7BB-35C0D4590E6F} - \WPD\SqmUpload_S-1-5-21-3768943390-3512815649-1483587873-1001 -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tvarohak
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 26 dub 2015 19:36

Re: Prosím preventivka

#6 Příspěvek od tvarohak »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
Ran by Jakub (13-11-2017 20:08:38) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {396E7764-CFA8-4232-86C0-3A0909A58EAA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {18E0C632-ADC2-4EFA-9E39-BF279D2C6FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-28] (Google Inc.)
Task: {95D3933A-429A-4CD7-B7BB-35C0D4590E6F} - \WPD\SqmUpload_S-1-5-21-3768943390-3512815649-1483587873-1001 -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

EmptyTemp:
End
*****************

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{396E7764-CFA8-4232-86C0-3A0909A58EAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{396E7764-CFA8-4232-86C0-3A0909A58EAA} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18E0C632-ADC2-4EFA-9E39-BF279D2C6FBA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18E0C632-ADC2-4EFA-9E39-BF279D2C6FBA} => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95D3933A-429A-4CD7-B7BB-35C0D4590E6F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D3933A-429A-4CD7-B7BB-35C0D4590E6F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3768943390-3512815649-1483587873-1001 => key removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1933348 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43611694 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 44868 B
Edge => 507 B
Chrome => 359308831 B
Firefox => 5414762 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 3800 B
Jakub => 14168630 B

RecycleBin => 0 B
EmptyTemp: => 404.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:09:10 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím preventivka

#7 Příspěvek od Rudy »

Smazáno, log již bude OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

tvarohak
Návštěvník
Návštěvník
Příspěvky: 52
Registrován: 26 dub 2015 19:36

Re: Prosím preventivka

#8 Příspěvek od tvarohak »

Děkuji vám za kontrolu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím preventivka

#9 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno