PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Infected PC

Having a problem with a virus? Paste your FRST or RSIT log here.

#1 Post by Maca00 »

Hello, I have a problem with my browser: windows with unsolicited content open at random, so I think I have some kind of virus on my PC.

Logfile of random's system information tool 1.16 (written by random/random)
Run by pcone at 2017-04-18 19:58:22
Microsoft Windows 10 Home
System drive C: has 491 GB (86%) free of 572 GB
Total RAM: 8095 MB (45% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:45, on 18. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pcone\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Users\pcone\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\pcone\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe
C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe
C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe
C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pcone\Downloads\RSIT (1).exe
C:\Program Files (x86)\trend micro\pcone_RSIT (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://noblok.biz/wpad.dat?6892056c7943 ... 3427603097
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
O4 - HKCU\..\Run: [BingSvc] C:\Users\pcone\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\pcone\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\pcone\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 13418 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\pcone\AppData\Roaming\Mozilla\Firefox\Profiles\riiogotu.default

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=D:\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\pcone\AppData\Roaming\Mozilla\Firefox\Profiles\riiogotu.default\addons.json

C:\Users\pcone\AppData\Roaming\Mozilla\Firefox\Profiles\riiogotu.default\extensions.json
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

C:\Users\pcone\AppData\Roaming\Mozilla\Firefox\Profiles\riiogotu.default\pluginreg.dat

=========Google Chrome=========

C:\Users\pcone\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.155
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.124
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\pcone\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=ASJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02 151240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02 1632048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [2014-08-20 63296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\pcone\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-12-12 144008]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2015-11-30 60688]
"AppleIEDAV"=C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [2015-06-26 1079592]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2015-11-30 103696]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2015-11-30 349968]
"OneDrive"=C:\Users\pcone\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-04-12 1518808]
"Spotify Web Helper"=C:\Users\pcone\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-04-12 1446000]
"Spotify"=C:\Users\pcone\AppData\Roaming\Spotify\Spotify.exe [2017-04-12 7064176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-18 19:58:23 ----D---- C:\Program Files (x86)\trend micro
2017-04-18 19:58:22 ----D---- C:\rsit
2017-04-18 08:56:39 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2017-03-20 16:45:59 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-20 16:45:57 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-20 16:45:55 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-20 16:45:54 ----A---- C:\WINDOWS\SysWOW64\mos.dll
2017-03-20 16:45:53 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-20 16:45:49 ----A---- C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-20 16:45:49 ----A---- C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-20 16:45:48 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2017-03-20 16:45:47 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2017-03-20 16:45:46 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2017-03-20 16:45:45 ----A---- C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-20 16:45:44 ----A---- C:\WINDOWS\SysWOW64\explorer.exe
2017-03-20 16:45:42 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2017-03-20 16:45:40 ----A---- C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-20 16:45:40 ----A---- C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-20 16:45:39 ----A---- C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-20 16:45:38 ----A---- C:\WINDOWS\SysWOW64\mispace.dll
2017-03-20 16:45:38 ----A---- C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-20 16:45:37 ----A---- C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-20 16:45:36 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-20 16:45:36 ----A---- C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-20 16:45:35 ----A---- C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-20 16:45:34 ----A---- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-20 16:45:33 ----A---- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-20 16:45:32 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-20 16:45:32 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-20 16:45:32 ----A---- C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-20 16:45:31 ----A---- C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-20 16:45:30 ----A---- C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-20 16:45:30 ----A---- C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-20 16:45:30 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2017-03-20 16:45:30 ----A---- C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-20 16:45:29 ----A---- C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-20 16:45:29 ----A---- C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-20 16:45:28 ----A---- C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-20 16:45:27 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-20 16:45:27 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-20 16:45:27 ----A---- C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-20 16:45:26 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-20 16:45:26 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-20 16:45:26 ----A---- C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-20 16:45:25 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-20 16:45:25 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-20 16:45:25 ----A---- C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-20 16:45:25 ----A---- C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-20 16:45:25 ----A---- C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-20 16:45:24 ----A---- C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-20 16:45:24 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-20 16:45:23 ----A---- C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-20 16:45:23 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-20 16:45:23 ----A---- C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-20 16:45:22 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-20 16:45:22 ----A---- C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-20 16:45:22 ----A---- C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-20 16:45:20 ----A---- C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-20 16:45:20 ----A---- C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-20 16:45:20 ----A---- C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-20 16:45:19 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-20 16:45:17 ----A---- C:\WINDOWS\SysWOW64\schannel.dll
2017-03-20 16:45:17 ----A---- C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-20 16:45:16 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-20 16:45:16 ----A---- C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-20 16:45:16 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-20 16:45:16 ----A---- C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-20 16:45:16 ----A---- C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-20 16:45:15 ----A---- C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-20 16:45:15 ----A---- C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-20 16:45:15 ----A---- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-20 16:45:14 ----A---- C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-20 16:45:14 ----A---- C:\WINDOWS\SysWOW64\resutils.dll
2017-03-20 16:45:14 ----A---- C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-20 16:45:13 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-20 16:45:12 ----A---- C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-20 16:45:12 ----A---- C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-20 16:45:11 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-20 16:45:11 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-20 16:45:11 ----A---- C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-20 16:45:11 ----A---- C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-20 16:45:11 ----A---- C:\WINDOWS\SysWOW64\authui.dll
2017-03-20 16:45:10 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-20 16:45:10 ----A---- C:\WINDOWS\SysWOW64\wer.dll
2017-03-20 16:45:10 ----A---- C:\WINDOWS\SysWOW64\mf.dll
2017-03-20 16:45:09 ----A---- C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-20 16:45:09 ----A---- C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-20 16:45:09 ----A---- C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-20 16:45:08 ----A---- C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-20 16:45:08 ----A---- C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-20 16:45:08 ----A---- C:\WINDOWS\SysWOW64\quartz.dll
2017-03-20 16:45:08 ----A---- C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-20 16:45:08 ----A---- C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-20 16:45:07 ----A---- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-20 16:45:07 ----A---- C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-20 16:45:07 ----A---- C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-20 16:45:07 ----A---- C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-20 16:45:06 ----A---- C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-20 16:45:06 ----A---- C:\WINDOWS\SysWOW64\gameux.dll
2017-03-20 16:45:05 ----A---- C:\WINDOWS\SysWOW64\winmde.dll
2017-03-20 16:45:05 ----A---- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-20 16:45:04 ----A---- C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-20 16:45:04 ----A---- C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-20 16:45:03 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-20 16:45:02 ----A---- C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-20 16:45:02 ----A---- C:\WINDOWS\SysWOW64\cdp.dll
2017-03-20 16:45:02 ----A---- C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-20 16:45:01 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-20 16:45:01 ----A---- C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-20 16:45:00 ----A---- C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-20 16:45:00 ----A---- C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-20 16:45:00 ----A---- C:\WINDOWS\SysWOW64\mmc.exe
2017-03-20 16:45:00 ----A---- C:\WINDOWS\SysWOW64\mfds.dll
2017-03-20 16:44:59 ----A---- C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-20 16:44:59 ----A---- C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-20 16:44:59 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-20 16:44:59 ----A---- C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-20 16:44:58 ----A---- C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-20 16:44:58 ----A---- C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-20 16:44:57 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-20 16:44:57 ----A---- C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-20 16:44:55 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-20 16:44:54 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-20 16:44:53 ----A---- C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-20 16:44:53 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-20 16:44:53 ----A---- C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-20 16:44:53 ----A---- C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-20 16:44:52 ----A---- C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-20 16:44:52 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-20 16:44:52 ----A---- C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-20 16:44:52 ----A---- C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-20 16:44:52 ----A---- C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-20 16:44:51 ----A---- C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-20 16:44:51 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-20 16:44:51 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-20 16:44:51 ----A---- C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-20 16:44:51 ----A---- C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-20 16:44:50 ----A---- C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-20 16:44:50 ----A---- C:\WINDOWS\SysWOW64\InputService.dll
2017-03-20 16:44:50 ----A---- C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-20 16:44:50 ----A---- C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-20 16:44:49 ----A---- C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-20 16:44:49 ----A---- C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-20 16:44:49 ----A---- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-20 16:44:49 ----A---- C:\WINDOWS\SysWOW64\evr.dll
2017-03-20 16:44:49 ----A---- C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-20 16:44:48 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-20 16:44:48 ----A---- C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-20 16:44:48 ----A---- C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-20 16:44:48 ----A---- C:\WINDOWS\SysWOW64\input.dll
2017-03-20 16:44:47 ----A---- C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-20 16:44:47 ----A---- C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-20 16:44:47 ----A---- C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-20 16:44:47 ----A---- C:\WINDOWS\SysWOW64\mssph.dll
2017-03-20 16:44:47 ----A---- C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-20 16:44:46 ----A---- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-20 16:44:45 ----A---- C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-20 16:44:45 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-20 16:44:45 ----A---- C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-20 16:44:44 ----A---- C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-20 16:44:44 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-20 16:44:44 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-20 16:44:43 ----A---- C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-20 16:44:43 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-20 16:44:43 ----A---- C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-20 16:44:43 ----A---- C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-20 16:44:43 ----A---- C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-20 16:44:42 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-20 16:44:42 ----A---- C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-20 16:44:42 ----A---- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-20 16:44:42 ----A---- C:\WINDOWS\SysWOW64\icm32.dll
2017-03-20 16:44:41 ----A---- C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-20 16:44:41 ----A---- C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-20 16:44:41 ----A---- C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-20 16:44:41 ----A---- C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-20 16:44:40 ----A---- C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\scksp.dll
2017-03-20 16:44:39 ----A---- C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-20 16:44:38 ----A---- C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-20 16:44:38 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-20 16:44:38 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-20 16:44:38 ----A---- C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-20 16:44:37 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-20 16:44:36 ----A---- C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-20 16:44:36 ----A---- C:\WINDOWS\SysWOW64\mscms.dll
2017-03-20 16:44:36 ----A---- C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\netshell.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\msutb.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-20 16:44:35 ----A---- C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\sud.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-20 16:44:34 ----A---- C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-20 16:44:33 ----A---- C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-20 16:44:33 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-20 16:44:33 ----A---- C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-20 16:44:33 ----A---- C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-20 16:44:32 ----A---- C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-20 16:44:32 ----A---- C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-20 16:44:32 ----A---- C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-20 16:44:31 ----A---- C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-20 16:44:31 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-20 16:44:31 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-20 16:44:31 ----A---- C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-20 16:44:31 ----A---- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-20 16:44:30 ----A---- C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-20 16:44:30 ----A---- C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-20 16:44:30 ----A---- C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-20 16:44:30 ----A---- C:\WINDOWS\SysWOW64\regedit.exe
2017-03-20 16:44:30 ----A---- C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-20 16:44:29 ----A---- C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-20 16:44:29 ----A---- C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-20 16:44:29 ----A---- C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-20 16:44:29 ----A---- C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-20 16:44:29 ----A---- C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-20 16:44:28 ----A---- C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-20 16:44:27 ----A---- C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-20 16:44:26 ----A---- C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-20 16:44:25 ----A---- C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-20 16:44:24 ----A---- C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-20 16:44:24 ----A---- C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-20 16:44:23 ----A---- C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-20 16:44:22 ----A---- C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-20 16:44:22 ----A---- C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-20 16:44:21 ----A---- C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-20 16:44:20 ----A---- C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-20 16:44:19 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-20 16:44:17 ----A---- C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-20 16:44:17 ----A---- C:\WINDOWS\SysWOW64\fontext.dll
2017-03-20 16:44:17 ----A---- C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-20 16:44:16 ----A---- C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-20 16:44:16 ----A---- C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-20 16:44:15 ----A---- C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-20 16:44:15 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-20 16:44:15 ----A---- C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-20 16:44:14 ----A---- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-20 16:44:14 ----A---- C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-20 16:44:13 ----A---- C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-20 16:44:13 ----A---- C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-20 16:44:13 ----A---- C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-20 16:44:13 ----A---- C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-20 16:44:13 ----A---- C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-20 16:43:59 ----A---- C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-20 16:43:58 ----A---- C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-20 16:43:34 ----A---- C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-20 16:43:32 ----A---- C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-20 16:43:20 ----A---- C:\WINDOWS\SysWOW64\wmp.dll
2017-03-20 16:43:05 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-20 16:42:50 ----A---- C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-20 16:42:16 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-20 16:42:14 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-20 16:42:11 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-20 16:42:05 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-20 16:41:57 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-20 16:41:48 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-20 16:41:44 ----A---- C:\WINDOWS\HelpPane.exe
2017-03-20 16:41:22 ----A---- C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-20 16:41:18 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-20 16:41:13 ----A---- C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-20 16:41:13 ----A---- C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-20 16:40:52 ----A---- C:\WINDOWS\SysWOW64\aepic.dll
2017-03-20 16:40:50 ----A---- C:\WINDOWS\explorer.exe
2017-03-20 16:40:27 ----A---- C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-20 16:39:57 ----A---- C:\WINDOWS\regedit.exe
2017-03-20 16:39:45 ----A---- C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-20 16:38:20 ----A---- C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-20 15:43:56 ----AD---- C:\Program Files (x86)\Common Files\Skype
2017-03-20 15:43:55 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2017-04-18 19:58:41 ----D---- C:\WINDOWS\Prefetch
2017-04-18 19:58:23 ----RD---- C:\Program Files (x86)
2017-04-18 19:58:06 ----D---- C:\WINDOWS\Temp
2017-04-18 19:41:28 ----D---- C:\Users\pcone\AppData\Roaming\Spotify
2017-04-18 19:30:34 ----D---- C:\WINDOWS\AppReadiness
2017-04-18 16:31:51 ----D---- C:\WINDOWS\CbsTemp
2017-04-18 13:45:36 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-04-18 13:45:09 ----D---- C:\WINDOWS\System32
2017-04-18 11:17:14 ----SHDC---- C:\WINDOWS\Installer
2017-04-18 11:16:56 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 08:57:04 ----RD---- C:\WINDOWS\Microsoft.NET
2017-04-18 08:56:40 ----AD---- C:\Program Files (x86)\Common Files\Microsoft Shared
2017-04-18 08:56:39 ----D---- C:\Program Files (x86)\Common Files
2017-04-18 08:53:44 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-04-17 20:54:57 ----SHD---- C:\System Volume Information
2017-04-17 09:58:53 ----AD---- C:\Program Files (x86)\Opera
2017-04-16 20:13:24 ----HD---- C:\ProgramData
2017-04-13 22:58:57 ----D---- C:\Users\pcone\AppData\Roaming\vlc
2017-04-13 21:21:53 ----D---- C:\WINDOWS\SysWOW64
2017-04-13 20:27:17 ----D---- C:\Program Files (x86)\Common Files\AV
2017-04-13 09:45:17 ----D---- C:\WINDOWS\WinSxS
2017-04-13 09:29:51 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2017-04-04 13:54:41 ----D---- C:\WINDOWS\INF
2017-04-04 08:41:09 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-04-02 10:24:23 ----RD---- C:\Program Files
2017-04-02 07:29:32 ----RD---- C:\Users
2017-04-01 20:52:38 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-31 18:38:25 ----RD---- C:\WINDOWS\assembly
2017-03-22 19:10:32 ----D---- C:\ProgramData\AVAST Software
2017-03-22 09:17:05 ----D---- C:\Windows
2017-03-20 22:54:08 ----D---- C:\WINDOWS\SysWOW64\sr-Latn-CS
2017-03-20 22:54:07 ----SD---- C:\WINDOWS\SysWOW64\F12
2017-03-20 22:54:07 ----D---- C:\WINDOWS\SysWOW64\setup
2017-03-20 22:54:07 ----D---- C:\WINDOWS\SysWOW64\migration
2017-03-20 22:54:07 ----D---- C:\WINDOWS\SysWOW64\en-US
2017-03-20 22:54:07 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2017-03-20 22:53:40 ----RD---- C:\WINDOWS\PrintDialog
2017-03-20 22:53:40 ----D---- C:\WINDOWS\ShellExperiences
2017-03-20 22:53:38 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-03-20 22:53:37 ----D---- C:\WINDOWS\bcastdvr
2017-03-20 22:53:37 ----D---- C:\WINDOWS\AppPatch
2017-03-20 22:53:37 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-03-20 22:53:37 ----D---- C:\Program Files (x86)\Windows Mail
2017-03-20 22:53:37 ----D---- C:\Program Files (x86)\Windows Defender
2017-03-20 22:53:37 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-20 15:44:09 ----D---- C:\ProgramData\Skype
2017-03-20 15:43:00 ----D---- C:\ProgramData\Package Cache

File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys []
R0 BTATH_BUS;@oem34.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys []
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys []
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys []
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys []
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys []
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys []
R3 ATP;@oem6.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys []
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys []
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys []
R3 dptf_pch;dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys []
R3 esif_lf;esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys []
R3 HIDSwitch;@oem36.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys []
R3 kbfiltr;@oem30.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [2016-09-12 13754936]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
R3 RSUSBVSTOR;@oem19.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys []
R3 RTL8168;@oem23.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys []
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys []
S3 ssudmdm;@oem0.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-09-22 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [2014-08-20 71168]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-04-01 261712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPUserSvc_1b0aaf98;CDPUserSvc_1b0aaf98; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-04-03 3294920]
R2 esifsvc;ESIF Upper Framework Service; C:\Windows\SysWOW64\esif_uf.exe [2014-09-18 1037568]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-01-06 158496]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-01-06 409376]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe []
R2 OneSyncSvc_1b0aaf98;Hostitel synchronizace_1b0aaf98; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-01 7398336]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-01-19 651576]
R3 PimIndexMaintenanceSvc_1b0aaf98;Data kontaktů_1b0aaf98; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 38792]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-02-27 317400]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 38792]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
S3 MessagingService_1b0aaf98;Služba zasílání zpráv_1b0aaf98; C:\WINDOWS\system32\svchost.exe [2016-07-16 38792]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-30 147624]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-04-02 209104]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 38792]

-----------------EOF-----------------


Thanks for the help

Rudy
Site Admin
Posts: 119611
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run, and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Maca00
Visitor
Posts: 6
Registered: 02 Jul 2007 17:06

Re: infected PC

#3 Post by Maca00 »

# AdwCleaner v6.045 - Log vytvořen 18/04/2017 v 20:35:27
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-18.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : pcone - PCONEOE
# Spuštěno z : C:\Users\pcone\Downloads\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****

[-] Zástupce vyléčen: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
[-] Zástupce vyléčen: C:\Users\Public\Desktop\Google Chrome.lnk
[-] Zástupce vyléčen: C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Zástupce vyléčen: C:\Users\Public\Desktop\Opera.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Zástupce vyléčen: C:\Users\pcone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
[-] Zástupce vyléčen: C:\Users\pcone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Zástupce vyléčen: C:\Users\pcone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Zástupce vyléčen: C:\Users\pcone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk


***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKU\S-1-5-21-4097441001-3162606549-1844095936-1001\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2522 Bajty] - [18/04/2017 20:35:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [4054 Bajty] - [18/04/2017 20:34:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2668 Bajty] ##########

Rudy
Site Admin
Posts: 119611
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#4 Post by Rudy »


Maca00
Visitor
Posts: 6
Registered: 02 Jul 2007 17:06

Re: infected PC

#5 Post by Maca00 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by pcone (19-04-2017 17:42:40)
Running from C:\Users\pcone\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-02 14:07:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4097441001-3162606549-1844095936-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4097441001-3162606549-1844095936-503 - Limited - Disabled)
Guest (S-1-5-21-4097441001-3162606549-1844095936-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4097441001-3162606549-1844095936-1003 - Limited - Enabled)
pcone (S-1-5-21-4097441001-3162606549-1844095936-1001 - Administrator - Enabled) => C:\Users\pcone

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.7369.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4097441001-3162606549-1844095936-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 52.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 cs)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
NVIDIA Ovladače grafiky 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Opera Stable 44.0.2510.1218 (HKLM-x32\...\Opera 44.0.2510.1218) (Version: 44.0.2510.1218 - Opera Software)
Ovládací panel NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-4097441001-3162606549-1844095936-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0987636B-36AB-42CE-A2A3-E828325BF87A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {09BA1EC4-5A4B-4880-86A1-7BC4266418A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {0BCA980B-3F93-4CAF-A608-1FD482685F58} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {1AC497EC-50CD-43D5-B3F7-6FA98195952D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {2E3DF61F-6A5A-45C3-A81D-9147D6D7BA9D} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {35F82628-CD03-42DE-9021-4B8099B47994} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\pcone\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {3AE57F8A-C320-4BCA-81D1-946E93620855} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {3F851C76-71F1-4366-B0D3-883DF2DBD62C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {4165E65D-635E-4FD7-9E12-EC2709EA785F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {43C0A68A-865B-4768-A711-C4EFD2464442} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {4F4B06AB-60BB-44CC-9C37-46F993303DAC} - \WPD\SqmUpload_S-1-5-21-4097441001-3162606549-1844095936-1001 -> No File <==== ATTENTION
Task: {56851689-3496-42C4-91AA-A2FBCC80C26C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-12] (Adobe Systems Incorporated)
Task: {5868C349-7C74-4BFF-A4CB-1A7DF15DC961} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {5946C921-374C-4566-8EC3-51D3A1CE4A13} - System32\Tasks\Opera scheduled Autoupdate 1443418718 => C:\Program Files (x86)\Opera\launcher.exe [2017-04-12] (Opera Software)
Task: {64A6EFBE-BA5F-4376-8519-025DF6130789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {65C5BC9C-EC1A-44A0-A741-2902385CF922} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-04] (Microsoft Corporation)
Task: {6CD7CCAF-5081-4A44-86F4-F252F5F7E4D4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-02-12] (Adobe Systems Incorporated)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {6DF1E832-F402-4658-BAAB-2FE1B7AF569D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {72AE74AE-7796-4A27-8549-42200B34E394} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {75896373-63B7-462D-9C97-4C1090C0ACAD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {75E4AE96-F050-4B4B-9A82-FEF77555522D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {772B90D2-681C-426C-93CC-64476787DF70} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7D518B11-99A4-436B-A776-5B2BF1ECCDD8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8346C780-8E81-4DE7-A401-13FEE0040F73} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {87C62567-899D-490B-9623-69F854CB0196} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {92C5FD39-C38C-4700-B018-05E5A045D0CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-29] (Google Inc.)
Task: {973ED96E-CA2F-4B79-A4A8-CC39430DBAAA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A307899D-4E81-4386-8172-E4C0CBC8ADB7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A43A9F18-35AF-4F29-8DF8-1C4BE102A39D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A61E0751-3C72-4B5E-9E04-AF37F85EB36B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {AABCB58D-872E-4AC5-8FC5-23E7308D5E37} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {AE7AD570-9B76-474A-AE2E-FBC1F3502CB3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B04139C1-285A-4B40-8A73-7CA9BA49440C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {B6DBFBA9-14EA-42CB-BB7A-344FE1FA5824} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B6F5EF86-AB9F-4BC2-8162-7FA6326A470E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-01] (AVAST Software)
Task: {D35655DB-866B-4C4F-BC90-7FC3CFD3CAE0} - System32\Tasks\SafeZone scheduled Autoupdate 1467540662 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {DA4BB102-A6B7-4663-9AA2-AC9FDB6EBF4E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {DAFF03A4-C38A-45B9-881B-BDDB72271218} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {DB8A717C-16B8-4F32-A304-388F81D7A765} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DB94B957-77A2-4F3B-B2CD-2BEBF5DFFDBA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DC41BF2D-28AF-44C8-91D4-C0026C0E720B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation)
Task: {E06C8462-EA22-4B6B-A2D7-EE995E88D655} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E5096FC7-F422-478E-8612-0F3506911A49} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {ED4C2AEB-F357-4E67-8A0A-C6A857CD9ABA} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => %SystemRoot%\System32\GWX\GWXUXWorker.exe
Task: {F4E54464-98A1-4281-8E2E-151A32EC47E9} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F64776C7-2222-4582-8C2C-64DC74D9A720} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-10-05 19:17 - 2016-10-05 19:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-18 16:23 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-02 15:28 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-04-18 16:23 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-18 16:23 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 16:20 - 2016-10-02 16:20 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-20 16:39 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-20 16:41 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-20 16:41 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-20 16:41 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-18 16:23 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-18 16:23 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-08 10:28 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-04-19 15:59 - 2017-04-19 15:59 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_4.20.951.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Sports.exe
2017-04-19 15:59 - 2017-04-19 15:59 - 16836096 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_4.20.951.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Sports.dll
2017-03-31 13:22 - 2017-03-31 13:23 - 04123032 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_4.20.951.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-06-29 19:44 - 2016-06-29 19:44 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingSports_4.20.951.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-04-17 09:58 - 2017-04-12 06:37 - 87057496 _____ () C:\Program Files (x86)\Opera\44.0.2510.1218\opera_browser.dll
2017-04-17 09:58 - 2017-04-12 06:37 - 02827352 _____ () C:\Program Files (x86)\Opera\44.0.2510.1218\libglesv2.dll
2017-04-17 09:58 - 2017-04-12 06:37 - 00100440 _____ () C:\Program Files (x86)\Opera\44.0.2510.1218\libegl.dll
2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2017-04-01 22:05 - 2017-04-01 22:05 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-03 12:07 - 2016-07-03 12:07 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-01 22:05 - 2017-04-01 22:05 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-01 22:05 - 2017-04-01 22:05 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-04-01 22:05 - 2017-04-01 22:05 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-10-05 19:18 - 2016-10-05 19:18 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-28 22:15 - 2017-04-12 20:24 - 67725936 _____ () C:\Users\pcone\AppData\Roaming\Spotify\libcef.dll
2017-01-28 22:15 - 2017-04-12 20:24 - 00110192 _____ () C:\Users\pcone\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-01-28 22:15 - 2017-04-12 20:24 - 01929840 _____ () C:\Users\pcone\AppData\Roaming\Spotify\libglesv2.dll
2017-01-28 22:15 - 2017-04-12 20:24 - 00087152 _____ () C:\Users\pcone\AppData\Roaming\Spotify\libegl.dll
2016-10-23 08:59 - 2017-04-18 08:51 - 03593920 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4097441001-3162606549-1844095936-1001\...\sharepoint.com -> hxxps://upolomouc.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4097441001-3162606549-1844095936-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pcone\Desktop\Theaterplatz_Chemnitz_Sylvio_Dittrich.jpg
DNS Servers: 134.109.102.132 - 134.109.102.133
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{83963962-11A3-4155-92B5-BA369A5A3323}C:\users\pcone\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pcone\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{72B12A9A-04DB-41D0-9AD9-BFD70776B756}C:\users\pcone\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pcone\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9FF28AA5-8828-48D9-A89B-9DEDF7C73A7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{62D47ED6-075B-4CAD-961F-C0DBB5824D35}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A233C153-0E53-4A13-A96F-43D1FAC9E30E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{499AC4D8-B53E-4EDC-8258-71896C4C4D2B}] => (Allow) LPort=65387
FirewallRules: [{2454253D-2201-4AB7-90C0-D74867A5C0FC}] => (Allow) LPort=65387
FirewallRules: [{6CC0ABB8-D828-43E6-885D-A4DA19BFC34E}] => (Allow) LPort=65388
FirewallRules: [{FD5C0F19-FEA4-40E3-BDE9-81191A456CF8}] => (Allow) LPort=65388
FirewallRules: [{C067F02F-B947-43C4-B00F-56F595286C77}] => (Allow) LPort=65389
FirewallRules: [{16B33382-CE4F-4626-8D4B-47665146B82B}] => (Allow) LPort=65389
FirewallRules: [{119F2917-A1A4-46E5-B5DC-97D6BDC48530}] => (Allow) LPort=65393
FirewallRules: [{122FBB3A-C9AD-42ED-A4EE-DA15CE9283DD}] => (Allow) LPort=65393
FirewallRules: [{E8669D1D-59CD-42C0-94C6-D46940261E6D}] => (Allow) LPort=65394
FirewallRules: [{0C39AA2A-72C3-4BA8-B97B-8CED064660E1}] => (Allow) LPort=65394
FirewallRules: [{5A93BB2C-AA99-412B-A446-AB0C82EBFA32}] => (Allow) LPort=65395
FirewallRules: [{4F904217-B7D8-4C5F-B3ED-15E53B2C3D9B}] => (Allow) LPort=65395
FirewallRules: [{12008253-8D21-4193-97E4-6F5F56049C03}] => (Allow) LPort=65395
FirewallRules: [{32FD606F-99EE-4182-B2A2-76989B127453}] => (Allow) LPort=65395
FirewallRules: [{8328A3A3-940E-4F8C-ABC7-80634526F7E6}] => (Allow) LPort=65396
FirewallRules: [{AC1934DD-9C53-4FF5-A1D7-CCA16139C717}] => (Allow) LPort=65396
FirewallRules: [{FBAAC7C4-6289-475A-80A2-8BA1FFCF4202}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E611B2DF-2BB4-49D3-88DA-1845E544A434}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9457C4B-B0C4-4F2F-84D0-3ECD5AC08000}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A80EB28E-48F0-4472-9627-012F67F0AA65}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A978315E-69A0-4A4C-9C45-1ACE217F5AB0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{39264D62-90BB-470A-946C-8F4BDE2968E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FC3EA4A0-56DB-4AC1-99E6-DDE313EEC068}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{FB38DBF9-A4B5-41DD-980D-7EFFDED2DC79}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0CB73C21-6F4B-48D2-B1DE-74DFD5CAFC45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45C21774-E3FC-4276-982F-DC3567E2FCAB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1E8DEF94-56AA-4A4B-8D19-140ABC2077E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9556712B-FEED-49FF-A325-D00B79293A09}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{808B607E-62DC-49BD-96FE-EC466CF77DB1}C:\users\pcone\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pcone\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AAFD602A-3D86-42EE-9004-99A7888D3180}C:\users\pcone\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pcone\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F64F0658-B781-490D-868D-22C9B4E83ED4}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{F8342908-6B9F-40CC-8715-289E42C81F15}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.857\opera.exe
FirewallRules: [{37D344CD-F8A5-4BC5-ABD5-1F59DCD93D4D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{57854B14-32DF-4260-AE73-62BCBD43F970}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1974F423-F5A1-441D-B89C-564E517A28BD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F69B4A0B-C488-46FD-84F4-269FF1D96C43}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C5DF3A58-C14E-445F-BD8E-D9E18CC3DE36}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CE4A6706-006A-4D8E-A243-B67E0028DD68}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{34CA2969-220C-4A98-B749-76EE0782B685}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FA4F9C13-0299-4B38-ACBF-CC38AF679DD6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FF88E174-28FE-4DC3-A9B2-A39212376327}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9067D065-9D86-45A8-8784-905BAFA968D7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BD2FCED9-1323-4872-8FA9-E8D0746F78EE}] => (Allow) C:\Program Files (x86)\Opera\44.0.2510.1218\opera.exe

==================== Restore Points =========================

29-03-2017 21:03:01 Windows Update
13-04-2017 09:26:33 Windows Update
18-04-2017 21:25:01 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2017 04:56:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: edgehtml.dll, verze: 11.0.14393.1066, časové razítko: 0x58d9f67b
Kód výjimky: 0xc0000602
Posun chyby: 0x00000000006df732
ID chybujícího procesu: 0xfe4
Čas spuštění chybující aplikace: 0x01d2b91ccb9c6c66
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID zprávy: 34e1cfad-c0d8-4901-abb2-722e54091153
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (04/19/2017 04:54:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: edgehtml.dll, verze: 11.0.14393.1066, časové razítko: 0x58d9f67b
Kód výjimky: 0xc0000602
Posun chyby: 0x00000000006df732
ID chybujícího procesu: 0x1f5c
Čas spuštění chybující aplikace: 0x01d2b91bdf939233
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID zprávy: ee78576d-a0de-49ac-b28c-7dae77247012
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (04/19/2017 04:47:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: microsoftedgecp.exe, verze: 11.0.14393.953, časové razítko: 0x58ba5911
Název chybujícího modulu: edgehtml.dll, verze: 11.0.14393.1066, časové razítko: 0x58d9f67b
Kód výjimky: 0xc0000602
Posun chyby: 0x00000000006df732
ID chybujícího procesu: 0x1b4c
Čas spuštění chybující aplikace: 0x01d2b91bbda2dffa
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID zprávy: 05699c32-530b-42d8-bead-8da38ecf380a
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge

Error: (04/19/2017 03:55:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.4.19.14, časové razítko: 0x561ca2e5
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.4.19.14, časové razítko: 0x56204ace
Kód výjimky: 0xc0000005
Posun chyby: 0x000d3c6c
ID chybujícího procesu: 0x17c0
Čas spuštění chybující aplikace: 0x01d2b91483396ccf
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: 8123f6f9-724b-4a02-b7e6-7b8932739ca1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/19/2017 12:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.4.19.14, časové razítko: 0x561ca2e5
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.4.19.14, časové razítko: 0x56204ace
Kód výjimky: 0xc0000005
Posun chyby: 0x000d3c6c
ID chybujícího procesu: 0x1fa4
Čas spuštění chybující aplikace: 0x01d2b8fbf5767867
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: df0dc027-894a-422a-8b94-34b052e6aee2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/19/2017 07:50:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.4.19.14, časové razítko: 0x561ca2e5
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.4.19.14, časové razítko: 0x56204ace
Kód výjimky: 0xc0000005
Posun chyby: 0x000d3c6c
ID chybujícího procesu: 0xcd4
Čas spuštění chybující aplikace: 0x01d2b8d0c2f84256
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: ff4cee95-8b42-476a-b00d-4fdf713fe331
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/19/2017 07:46:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/18/2017 09:25:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/18/2017 08:46:35 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/18/2017 08:40:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iCloudDrive.exe, verze: 1.4.19.14, časové razítko: 0x561ca2e5
Název chybujícího modulu: iCloudDrive_main.dll, verze: 1.4.19.14, časové razítko: 0x56204ace
Kód výjimky: 0xc0000005
Posun chyby: 0x000d3c6c
ID chybujícího procesu: 0x148c
Čas spuštění chybující aplikace: 0x01d2b8733e5819a9
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive_main.dll
ID zprávy: 6859d0e8-8fd0-4543-8d7d-27408fd181e8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/19/2017 05:44:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 05:02:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 03:54:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 03:54:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 03:54:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 01:25:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 12:58:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 12:58:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 12:58:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (04/19/2017 09:00:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-04-04 22:42:20.763
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-02 11:14:59.490
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-28 22:19:43.454
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-29 19:52:30.427
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.821
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.804
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.795
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-20 19:11:33.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 61%
Total physical RAM: 8094.84 MB
Available physical RAM: 3092.98 MB
Total Virtual: 9374.84 MB
Available Virtual: 3147.21 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:558.9 GB) (Free:483.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:822.25 GB) (Free:810 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: BCFCBF0E)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 119611
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#6 Post by Rudy »

This is only Additional. I still need to see the FRST log itself.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
