Zdravím, potřebuji o kontrolu logu.. je pravděpodobně zavirovaný, na chrome vyskakujou sami od sebe reklamy, ruský stránky apod.
Děkuji moc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
Ran by ASUS (administrator) on LIDU (31-05-2017 19:37:22)
Running from C:\Users\ASUS\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: ASUS (Available Profiles: ASUS)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2016-03-14] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-02-27]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{0a4cc518-2bfb-41b5-91be-66a7f7d37882}: [DhcpNameServer] 192.168.120.1
Tcpip\..\Interfaces\{0c3b26a4-9adc-463a-8d38-7f9aa614a35c}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {1DB58ED7-2969-4F51-84A9-04218550E90D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {3FDF0962-2FE9-429C-AD31-2DB35658E88D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {4FB8CC5C-7885-4B2F-A4E5-5EF0596BE49B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {7EC60D81-974E-46E4-9D90-ACE4D416F837} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {8D350B4F-8E51-4613-9323-AA479A980286} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {94484A27-EC09-48A1-8B2E-F788231EE739} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {A44E1BDC-C19F-44CD-B45A-EAC5A5687594} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {BB204C9A-03DB-4358-871F-7A2C973AE900} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {FD4A73C7-40AE-4F0A-B2D5-AC2E1A5D8FF0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
Chrome:
=======
CHR HomePage: Default -> hxxps://www.facebook.com/
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-05-31]
CHR Extension: (Dokumenty Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-29]
CHR Extension: (Disk Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-29]
CHR Extension: (Seznam Lištička - Email) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-03-19]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-21]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Adblock Plus) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Speed Limit Grabber) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgndioidlhgceikdlgjcnihgnmmbnpgg [2017-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-05-02]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-29]
CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5864696 2015-08-15] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-31] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-31] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 19:37 - 2017-05-31 19:37 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-31 19:37 - 2017-05-31 19:37 - 00000000 ____D C:\FRST
2017-05-31 19:20 - 2017-05-31 19:32 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-31 19:20 - 2017-05-31 19:32 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-31 19:20 - 2017-05-31 19:32 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-31 19:20 - 2017-05-31 19:32 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-31 19:20 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-31 19:18 - 2017-05-31 19:25 - 00000000 ____D C:\AdwCleaner
2017-05-31 17:47 - 2017-05-31 17:47 - 00000000 ___HD C:\$AV_ASW
2017-05-22 17:24 - 2017-05-22 17:24 - 00074598 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E21.HDTV.x264-SVA.srt
2017-05-22 17:05 - 2017-05-22 17:15 - 782592000 _____ C:\Users\ASUS\Downloads\Muž na míru-Case of You,A (2013) Komedie Romantický CZ dabing.avi
2017-05-22 17:04 - 2017-05-22 17:13 - 815253282 _____ C:\Users\ASUS\Downloads\Vsechno nebo nic (2017,cz,česky film)ddd.avi
2017-05-21 19:50 - 2017-05-21 19:55 - 737256448 _____ C:\Users\ASUS\Downloads\Dozen_co_se_da_CZ.avi
2017-05-20 16:55 - 2017-05-20 17:00 - 733885138 _____ C:\Users\ASUS\Downloads\Příběh hraček 3-Toy Story 3 (2010) Animovaný Dobrodružný Komedie Rodinný CZ dabing.avi
2017-05-20 16:19 - 2017-05-20 16:23 - 734900224 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi
2017-05-19 19:19 - 2017-05-19 19:39 - 329367240 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi.crdownload
2017-05-19 15:28 - 2017-05-19 15:33 - 716419072 _____ C:\Users\ASUS\Downloads\Toy Story 1-Příběh hraček CZ-dabing (1995) NOVINKA.avi
2017-05-15 21:08 - 2017-05-17 16:43 - 00000000 ___HD C:\Users\ASUS\Desktop\.picasaoriginals
2017-05-13 11:43 - 2017-05-13 11:43 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-13 11:43 - 2017-05-13 11:43 - 00000000 ____D C:\Users\ASUS\AppData\Local\DBG
2017-05-12 23:28 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-12 23:28 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-12 23:28 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-12 23:28 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-12 23:28 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-12 23:28 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-12 23:28 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-12 23:28 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-12 23:28 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-12 23:28 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-12 23:28 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-12 23:28 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-12 23:28 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-12 23:28 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-12 23:28 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-12 23:28 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-12 23:28 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-12 23:28 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-12 23:28 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-12 23:28 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-12 23:28 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-12 23:28 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-12 23:28 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-12 23:28 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-12 00:32 - 2017-05-11 23:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-12 00:31 - 2017-05-12 00:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\MSBuild
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-12 00:25 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-12 00:25 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-12 00:24 - 2017-05-12 00:24 - 00000020 ___SH C:\Users\ASUS\ntuser.ini
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-12 00:12 - 2017-05-31 19:33 - 00002798 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2017-05-12 00:12 - 2017-05-31 19:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-12 00:12 - 2017-05-31 17:50 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F91726F-14C8-4CC1-87A7-1A84A6AD616F}
2017-05-12 00:12 - 2017-05-31 17:50 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-12 00:12 - 2017-05-31 17:50 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-12 00:12 - 2017-05-25 20:24 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-12 00:12 - 2017-05-12 00:29 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-12 00:12 - 2017-05-12 00:12 - 00003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-12 00:12 - 2017-05-12 00:12 - 00003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-12 00:12 - 2017-05-12 00:12 - 00003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-12 00:12 - 2017-05-12 00:12 - 00003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-12 00:12 - 2017-05-12 00:12 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2017-05-12 00:12 - 2017-05-12 00:12 - 00002926 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2017-05-12 00:12 - 2017-05-12 00:12 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2017-05-12 00:12 - 2017-05-12 00:12 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2017-05-12 00:12 - 2017-05-12 00:12 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2017-05-12 00:12 - 2017-05-12 00:12 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-12 00:12 - 2017-05-12 00:12 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-05-12 00:12 - 2017-05-12 00:12 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-12 00:11 - 2017-05-30 20:59 - 01887164 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-12 00:03 - 2017-05-12 00:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-11 23:57 - 2017-05-11 23:57 - 00000000 ____D C:\ProgramData\USOShared
2017-05-11 23:55 - 2017-05-12 00:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-11 23:52 - 2017-05-19 19:39 - 00000000 ____D C:\Users\ASUS
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Šablony
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Soubory cookie
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Poslední
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní tiskárny
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní síť
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Nabídka Start
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Dokumenty
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Obrázky
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Hudba
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Filmy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Data aplikací
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Local\Data aplikací
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-11 23:51 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2017-05-11 23:51 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-11 23:51 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-11 23:50 - 2017-05-31 19:32 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-11 23:50 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-11 23:50 - 2017-05-11 23:50 - 00319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-11 23:49 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\Intel
2017-05-11 23:49 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 23:49 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-11 23:49 - 2015-08-15 19:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-05-11 23:49 - 2015-08-15 19:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-11 23:48 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files (x86)\Intel
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\ProgramData\SetupTPDriver
2017-05-11 23:46 - 2017-05-31 18:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-11 23:46 - 2017-05-13 11:39 - 00400352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 22:23 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 18:27 - 2017-05-10 18:38 - 164644677 _____ C:\Users\ASUS\Downloads\Spongebob.v.kalhotách.S01E01.Hledá.se.kuchař.-.Odklízení.písku.-.Čaj.s.veverkou.SDTV.x264-PiP.mp4
2017-05-10 17:33 - 2017-05-10 18:14 - 729006536 _____ C:\Users\ASUS\Downloads\Jak-se-zbavit-nevěsty-2016-cz-film,super-kvalita.avi
2017-05-09 21:06 - 2017-05-09 22:01 - 984598056 _____ C:\Users\ASUS\Downloads\2bobule-cz-avi.avi
2017-05-09 20:02 - 2017-05-09 20:44 - 729493504 _____ C:\Users\ASUS\Downloads\Bobule-1-(2007)-Cz.avi
2017-05-04 17:16 - 2017-05-04 18:09 - 926356316 _____ C:\Users\ASUS\Downloads\Výměna-manželek-3.5.2017.avi
2017-05-02 19:46 - 2017-05-02 19:46 - 00039044 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E19.HDTV.x264-SVA.srt
2017-05-02 18:43 - 2017-05-02 18:43 - 00046724 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E18.HDTV.x264-SVA.srt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 19:38 - 2017-01-02 13:48 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Seznam.cz
2017-05-31 19:35 - 2016-02-27 19:48 - 00000000 ____D C:\Users\ASUS\AppData\Local\ASUS GIFTBOX
2017-05-31 19:34 - 2016-02-27 19:48 - 00000164 _____ C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-31 19:33 - 2016-12-30 00:32 - 00000220 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2017-05-31 19:32 - 2016-02-27 19:48 - 00000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles
2017-05-31 19:30 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 19:28 - 2017-04-26 20:31 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-31 19:28 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 19:21 - 2016-12-29 22:27 - 00000000 ____D C:\Users\ASUS\Desktop\Ostatní
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-30 20:59 - 2017-03-20 06:43 - 00808486 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-30 20:59 - 2017-03-20 06:43 - 00167488 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-30 20:51 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
2017-05-29 18:49 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-28 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-24 15:46 - 2016-12-30 11:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 15:42 - 2016-12-30 11:55 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 09:04 - 2017-01-02 13:50 - 00002922 ____H C:\Users\ASUS\Downloads\.picasa.ini
2017-05-16 17:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-15 20:46 - 2017-01-02 13:50 - 00000000 ___HD C:\Users\ASUS\Downloads\.picasaoriginals
2017-05-13 11:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-13 11:43 - 2016-12-29 22:11 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.149466863198402
2017-05-13 11:43 - 2016-12-29 22:11 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-13 11:42 - 2016-12-29 22:11 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-13 11:41 - 2016-02-27 16:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-12 08:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-12 00:45 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-12 00:42 - 2016-02-27 19:49 - 00000000 ____D C:\Users\ASUS\AppData\Local\Packages
2017-05-12 00:40 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-12 00:39 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-12 00:29 - 2016-02-27 19:52 - 00002386 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-12 00:29 - 2016-02-27 19:52 - 00000000 ___RD C:\Users\ASUS\OneDrive
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-12 00:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-12 00:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-12 00:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-12 00:13 - 2017-03-20 06:46 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-12 00:12 - 2017-01-01 21:27 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-12 00:10 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-12 00:09 - 2016-05-21 05:26 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-12 00:04 - 2017-04-17 11:58 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 00:04 - 2017-01-02 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-05-12 00:04 - 2017-01-01 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-05-12 00:04 - 2016-12-29 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2017-05-12 00:04 - 2016-12-29 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 00:04 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-02-27 18:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2017-05-12 00:04 - 2016-02-27 17:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2017-05-12 00:04 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-05-12 00:04 - 2016-02-27 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-12 00:04 - 2015-11-30 19:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-12 00:04 - 2015-11-30 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-05-12 00:04 - 2015-11-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-12 00:04 - 2015-10-30 20:19 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 23:58 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 23:57 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-11 23:56 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-05-11 23:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-11 23:51 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-09 19:51 - 2016-05-21 05:26 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Files in the root of some directories =======
2016-02-27 19:48 - 2017-05-31 19:34 - 0000164 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-11 23:50 - 2017-05-11 23:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-23 09:10
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zavirovaný notebook, prosim o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavirovaný notebook, prosim o kontrolu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavirovaný notebook, prosim o kontrolu
# AdwCleaner v6.047 - Log vytvořen 31/05/2017 v 21:37:25
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-31.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : ASUS - LIDU
# Spuštěno z : C:\Users\ASUS\Downloads\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1331 Bajty] - [31/05/2017 19:25:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1061 Bajty] - [31/05/2017 21:37:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [1581 Bajty] - [31/05/2017 19:24:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [1617 Bajty] - [31/05/2017 21:35:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1280 Bajty] ##########
# Aktualizováno dne 19/05/2017 z Malwarebytes
# Databáze : 2017-05-31.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : ASUS - LIDU
# Spuštěno z : C:\Users\ASUS\Downloads\adwcleaner_6.047.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1331 Bajty] - [31/05/2017 19:25:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [1061 Bajty] - [31/05/2017 21:37:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [1581 Bajty] - [31/05/2017 19:24:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [1617 Bajty] - [31/05/2017 21:35:51]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1280 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavirovaný notebook, prosim o kontrolu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavirovaný notebook, prosim o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
Ran by ASUS (administrator) on LIDU (31-05-2017 21:44:18)
Running from C:\Users\ASUS\Desktop\Ostatní
Loaded Profiles: ASUS (Available Profiles: ASUS)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2016-03-14] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-02-27]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{0a4cc518-2bfb-41b5-91be-66a7f7d37882}: [DhcpNameServer] 192.168.120.1
Tcpip\..\Interfaces\{0c3b26a4-9adc-463a-8d38-7f9aa614a35c}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {1DB58ED7-2969-4F51-84A9-04218550E90D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {3FDF0962-2FE9-429C-AD31-2DB35658E88D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {4FB8CC5C-7885-4B2F-A4E5-5EF0596BE49B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {7EC60D81-974E-46E4-9D90-ACE4D416F837} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {8D350B4F-8E51-4613-9323-AA479A980286} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {94484A27-EC09-48A1-8B2E-F788231EE739} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {A44E1BDC-C19F-44CD-B45A-EAC5A5687594} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {BB204C9A-03DB-4358-871F-7A2C973AE900} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {FD4A73C7-40AE-4F0A-B2D5-AC2E1A5D8FF0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-05-31]
CHR Extension: (Prezentace Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-31]
CHR Extension: (Dokumenty Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-31]
CHR Extension: (Disk Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-31]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-31]
CHR Extension: (Adblock Plus) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-31]
CHR Extension: (Tabulky Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-31]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-31]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5864696 2015-08-15] (Intel Corporation)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 21:42 - 2017-05-31 21:42 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-31 21:31 - 2017-05-31 21:31 - 04110280 _____ C:\Users\ASUS\Downloads\adwcleaner_6.047.exe
2017-05-31 21:31 - 2017-05-31 21:31 - 04110280 _____ C:\Users\ASUS\Downloads\adwcleaner_6.047 (1).exe
2017-05-31 20:11 - 2017-05-31 20:11 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-31 20:11 - 2017-05-31 20:11 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-31 20:10 - 2017-05-31 20:10 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-31 20:10 - 2017-05-31 20:10 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-31 19:37 - 2017-05-31 21:44 - 00000000 ____D C:\FRST
2017-05-31 19:20 - 2017-05-31 21:39 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-31 19:20 - 2017-05-31 21:39 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-31 19:20 - 2017-05-31 21:39 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-31 19:20 - 2017-05-31 19:32 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-31 19:20 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-31 19:18 - 2017-05-31 21:37 - 00000000 ____D C:\AdwCleaner
2017-05-31 17:47 - 2017-05-31 17:47 - 00000000 ___HD C:\$AV_ASW
2017-05-22 17:24 - 2017-05-22 17:24 - 00074598 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E21.HDTV.x264-SVA.srt
2017-05-22 17:05 - 2017-05-22 17:15 - 782592000 _____ C:\Users\ASUS\Downloads\Muž na míru-Case of You,A (2013) Komedie Romantický CZ dabing.avi
2017-05-22 17:04 - 2017-05-22 17:13 - 815253282 _____ C:\Users\ASUS\Downloads\Vsechno nebo nic (2017,cz,česky film)ddd.avi
2017-05-21 19:50 - 2017-05-21 19:55 - 737256448 _____ C:\Users\ASUS\Downloads\Dozen_co_se_da_CZ.avi
2017-05-20 16:55 - 2017-05-20 17:00 - 733885138 _____ C:\Users\ASUS\Downloads\Příběh hraček 3-Toy Story 3 (2010) Animovaný Dobrodružný Komedie Rodinný CZ dabing.avi
2017-05-20 16:19 - 2017-05-20 16:23 - 734900224 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi
2017-05-19 19:19 - 2017-05-19 19:39 - 329367240 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi.crdownload
2017-05-19 15:28 - 2017-05-19 15:33 - 716419072 _____ C:\Users\ASUS\Downloads\Toy Story 1-Příběh hraček CZ-dabing (1995) NOVINKA.avi
2017-05-15 21:08 - 2017-05-17 16:43 - 00000000 ___HD C:\Users\ASUS\Desktop\.picasaoriginals
2017-05-13 11:43 - 2017-05-13 11:43 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-13 11:43 - 2017-05-13 11:43 - 00000000 ____D C:\Users\ASUS\AppData\Local\DBG
2017-05-12 23:28 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-12 23:28 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-12 23:28 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-12 23:28 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-12 23:28 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-12 23:28 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-12 23:28 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-12 23:28 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-12 23:28 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-12 23:28 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-12 23:28 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-12 23:28 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-12 23:28 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-12 23:28 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-12 23:28 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-12 23:28 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-12 23:28 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-12 23:28 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-12 23:28 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-12 23:28 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-12 23:28 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-12 23:28 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-12 23:28 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-12 23:28 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-12 00:32 - 2017-05-11 23:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-12 00:31 - 2017-05-12 00:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\MSBuild
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-12 00:25 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-12 00:25 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-12 00:24 - 2017-05-12 00:24 - 00000020 ___SH C:\Users\ASUS\ntuser.ini
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-12 00:12 - 2017-05-31 21:40 - 00002798 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2017-05-12 00:12 - 2017-05-31 21:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-12 00:12 - 2017-05-31 17:50 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F91726F-14C8-4CC1-87A7-1A84A6AD616F}
2017-05-12 00:12 - 2017-05-31 17:50 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-12 00:12 - 2017-05-31 17:50 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-12 00:12 - 2017-05-25 20:24 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-12 00:12 - 2017-05-12 00:29 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-12 00:12 - 2017-05-12 00:12 - 00003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-12 00:12 - 2017-05-12 00:12 - 00003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-12 00:12 - 2017-05-12 00:12 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2017-05-12 00:12 - 2017-05-12 00:12 - 00002926 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2017-05-12 00:12 - 2017-05-12 00:12 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2017-05-12 00:12 - 2017-05-12 00:12 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2017-05-12 00:12 - 2017-05-12 00:12 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2017-05-12 00:12 - 2017-05-12 00:12 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-12 00:12 - 2017-05-12 00:12 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-05-12 00:12 - 2017-05-12 00:12 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-12 00:11 - 2017-05-31 19:39 - 01918950 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-12 00:03 - 2017-05-12 00:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-11 23:57 - 2017-05-11 23:57 - 00000000 ____D C:\ProgramData\USOShared
2017-05-11 23:55 - 2017-05-12 00:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-11 23:52 - 2017-05-19 19:39 - 00000000 ____D C:\Users\ASUS
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Šablony
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Soubory cookie
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Poslední
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní tiskárny
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní síť
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Nabídka Start
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Dokumenty
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Obrázky
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Hudba
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Filmy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Data aplikací
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Local\Data aplikací
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-11 23:51 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2017-05-11 23:51 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-11 23:51 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-11 23:50 - 2017-05-31 21:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-11 23:50 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-11 23:50 - 2017-05-11 23:50 - 00319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-11 23:49 - 2017-05-31 20:08 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-11 23:49 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\Intel
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 23:49 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-11 23:49 - 2015-08-15 19:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-05-11 23:49 - 2015-08-15 19:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-11 23:48 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files (x86)\Intel
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\ProgramData\SetupTPDriver
2017-05-11 23:46 - 2017-05-31 21:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-11 23:46 - 2017-05-13 11:39 - 00400352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 22:23 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 18:27 - 2017-05-10 18:38 - 164644677 _____ C:\Users\ASUS\Downloads\Spongebob.v.kalhotách.S01E01.Hledá.se.kuchař.-.Odklízení.písku.-.Čaj.s.veverkou.SDTV.x264-PiP.mp4
2017-05-10 17:33 - 2017-05-10 18:14 - 729006536 _____ C:\Users\ASUS\Downloads\Jak-se-zbavit-nevěsty-2016-cz-film,super-kvalita.avi
2017-05-09 21:06 - 2017-05-09 22:01 - 984598056 _____ C:\Users\ASUS\Downloads\2bobule-cz-avi.avi
2017-05-09 20:02 - 2017-05-09 20:44 - 729493504 _____ C:\Users\ASUS\Downloads\Bobule-1-(2007)-Cz.avi
2017-05-04 17:16 - 2017-05-04 18:09 - 926356316 _____ C:\Users\ASUS\Downloads\Výměna-manželek-3.5.2017.avi
2017-05-02 19:46 - 2017-05-02 19:46 - 00039044 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E19.HDTV.x264-SVA.srt
2017-05-02 18:43 - 2017-05-02 18:43 - 00046724 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E18.HDTV.x264-SVA.srt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 21:44 - 2017-01-02 13:48 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Seznam.cz
2017-05-31 21:44 - 2016-12-29 22:27 - 00000000 ____D C:\Users\ASUS\Desktop\Ostatní
2017-05-31 21:41 - 2016-02-27 19:48 - 00000000 ____D C:\Users\ASUS\AppData\Local\ASUS GIFTBOX
2017-05-31 21:40 - 2016-12-30 00:32 - 00000220 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2017-05-31 21:40 - 2016-02-27 19:48 - 00000164 _____ C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-31 21:39 - 2016-02-27 19:48 - 00000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles
2017-05-31 21:37 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 20:11 - 2016-05-21 05:25 - 00000000 ____D C:\Users\ASUS\AppData\Local\Google
2017-05-31 20:10 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
2017-05-31 20:10 - 2016-05-21 05:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-31 19:39 - 2017-03-20 06:43 - 00824540 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-31 19:39 - 2017-03-20 06:43 - 00172128 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-31 19:28 - 2017-04-26 20:31 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-31 19:28 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-29 18:49 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-28 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-24 15:46 - 2016-12-30 11:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 15:42 - 2016-12-30 11:55 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 09:04 - 2017-01-02 13:50 - 00002922 ____H C:\Users\ASUS\Downloads\.picasa.ini
2017-05-16 17:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-15 20:46 - 2017-01-02 13:50 - 00000000 ___HD C:\Users\ASUS\Downloads\.picasaoriginals
2017-05-13 11:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-13 11:43 - 2016-12-29 22:11 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.149466863198402
2017-05-13 11:43 - 2016-12-29 22:11 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-13 11:42 - 2016-12-29 22:11 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-13 11:41 - 2016-02-27 16:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-12 08:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-12 00:45 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-12 00:42 - 2016-02-27 19:49 - 00000000 ____D C:\Users\ASUS\AppData\Local\Packages
2017-05-12 00:40 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-12 00:39 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-12 00:29 - 2016-02-27 19:52 - 00002386 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-12 00:29 - 2016-02-27 19:52 - 00000000 ___RD C:\Users\ASUS\OneDrive
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-12 00:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-12 00:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-12 00:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-12 00:13 - 2017-03-20 06:46 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-12 00:12 - 2017-01-01 21:27 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-12 00:10 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-12 00:04 - 2017-04-17 11:58 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 00:04 - 2017-01-02 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-05-12 00:04 - 2017-01-01 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-05-12 00:04 - 2016-12-29 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2017-05-12 00:04 - 2016-12-29 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 00:04 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-02-27 18:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2017-05-12 00:04 - 2016-02-27 17:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2017-05-12 00:04 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-05-12 00:04 - 2016-02-27 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-12 00:04 - 2015-11-30 19:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-12 00:04 - 2015-11-30 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-05-12 00:04 - 2015-11-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-12 00:04 - 2015-10-30 20:19 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 23:58 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 23:57 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-11 23:56 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-05-11 23:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-11 23:51 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
==================== Files in the root of some directories =======
2016-02-27 19:48 - 2017-05-31 21:40 - 0000164 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-11 23:50 - 2017-05-11 23:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-23 09:10
==================== End of FRST.txt ============================
Ran by ASUS (administrator) on LIDU (31-05-2017 21:44:18)
Running from C:\Users\ASUS\Desktop\Ostatní
Loaded Profiles: ASUS (Available Profiles: ASUS)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2016-03-14] (NVIDIA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-13] (AVAST Software)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ASUS\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-02-27]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{0a4cc518-2bfb-41b5-91be-66a7f7d37882}: [DhcpNameServer] 192.168.120.1
Tcpip\..\Interfaces\{0c3b26a4-9adc-463a-8d38-7f9aa614a35c}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {1DB58ED7-2969-4F51-84A9-04218550E90D} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {3FDF0962-2FE9-429C-AD31-2DB35658E88D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {4FB8CC5C-7885-4B2F-A4E5-5EF0596BE49B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {7EC60D81-974E-46E4-9D90-ACE4D416F837} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {8D350B4F-8E51-4613-9323-AA479A980286} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {94484A27-EC09-48A1-8B2E-F788231EE739} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {A44E1BDC-C19F-44CD-B45A-EAC5A5687594} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {BB204C9A-03DB-4358-871F-7A2C973AE900} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> {FD4A73C7-40AE-4F0A-B2D5-AC2E1A5D8FF0} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-05-31]
CHR Extension: (Prezentace Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-31]
CHR Extension: (Dokumenty Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-31]
CHR Extension: (Disk Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-31]
CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-31]
CHR Extension: (Adblock Plus) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-31]
CHR Extension: (Tabulky Google) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-31]
CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-31]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-13] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-13] (AVAST Software)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
S2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-13] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-13] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-13] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-13] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-13] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-13] (AVAST Software)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [100776 2015-06-30] (ASUS Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5864696 2015-08-15] (Intel Corporation)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 21:42 - 2017-05-31 21:42 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-31 21:31 - 2017-05-31 21:31 - 04110280 _____ C:\Users\ASUS\Downloads\adwcleaner_6.047.exe
2017-05-31 21:31 - 2017-05-31 21:31 - 04110280 _____ C:\Users\ASUS\Downloads\adwcleaner_6.047 (1).exe
2017-05-31 20:11 - 2017-05-31 20:11 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-31 20:11 - 2017-05-31 20:11 - 00002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-31 20:10 - 2017-05-31 20:10 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-31 20:10 - 2017-05-31 20:10 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-31 19:37 - 2017-05-31 21:44 - 00000000 ____D C:\FRST
2017-05-31 19:20 - 2017-05-31 21:39 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-31 19:20 - 2017-05-31 21:39 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-31 19:20 - 2017-05-31 21:39 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-31 19:20 - 2017-05-31 19:32 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-31 19:20 - 2017-05-31 19:20 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-31 19:20 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-31 19:18 - 2017-05-31 21:37 - 00000000 ____D C:\AdwCleaner
2017-05-31 17:47 - 2017-05-31 17:47 - 00000000 ___HD C:\$AV_ASW
2017-05-22 17:24 - 2017-05-22 17:24 - 00074598 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E21.HDTV.x264-SVA.srt
2017-05-22 17:05 - 2017-05-22 17:15 - 782592000 _____ C:\Users\ASUS\Downloads\Muž na míru-Case of You,A (2013) Komedie Romantický CZ dabing.avi
2017-05-22 17:04 - 2017-05-22 17:13 - 815253282 _____ C:\Users\ASUS\Downloads\Vsechno nebo nic (2017,cz,česky film)ddd.avi
2017-05-21 19:50 - 2017-05-21 19:55 - 737256448 _____ C:\Users\ASUS\Downloads\Dozen_co_se_da_CZ.avi
2017-05-20 16:55 - 2017-05-20 17:00 - 733885138 _____ C:\Users\ASUS\Downloads\Příběh hraček 3-Toy Story 3 (2010) Animovaný Dobrodružný Komedie Rodinný CZ dabing.avi
2017-05-20 16:19 - 2017-05-20 16:23 - 734900224 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi
2017-05-19 19:19 - 2017-05-19 19:39 - 329367240 _____ C:\Users\ASUS\Downloads\PŘÍBĚH-HRAČEK-2---TOY-STORY-2-cz-dabing-1999.AVI.avi.crdownload
2017-05-19 15:28 - 2017-05-19 15:33 - 716419072 _____ C:\Users\ASUS\Downloads\Toy Story 1-Příběh hraček CZ-dabing (1995) NOVINKA.avi
2017-05-15 21:08 - 2017-05-17 16:43 - 00000000 ___HD C:\Users\ASUS\Desktop\.picasaoriginals
2017-05-13 11:43 - 2017-05-13 11:43 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-13 11:43 - 2017-05-13 11:43 - 00000000 ____D C:\Users\ASUS\AppData\Local\DBG
2017-05-12 23:28 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-12 23:28 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-12 23:28 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-12 23:28 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-12 23:28 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-12 23:28 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-12 23:28 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-12 23:28 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-12 23:28 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-12 23:28 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-12 23:28 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-12 23:28 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-12 23:28 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-12 23:28 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-12 23:28 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-12 23:28 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-12 23:28 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-12 23:28 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-12 23:28 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-12 23:28 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-12 23:28 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-12 23:28 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-12 23:28 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-12 23:28 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-12 23:28 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-12 23:28 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-12 23:28 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-12 23:28 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-12 23:28 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-12 23:28 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-12 23:28 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-12 23:28 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-12 23:28 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-12 23:28 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-12 23:28 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-12 23:28 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-12 23:28 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-12 23:28 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-12 23:28 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-12 23:28 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-12 23:28 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-12 23:28 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-12 23:28 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-12 23:28 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-12 23:28 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-12 23:28 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-12 23:28 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-12 23:28 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-12 23:28 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-12 23:28 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-12 23:28 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-12 00:38 - 2017-05-12 00:38 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-12 00:38 - 2017-05-12 00:38 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-12 00:38 - 2017-05-12 00:38 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-12 00:38 - 2017-05-12 00:38 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-12 00:32 - 2017-05-11 23:46 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-12 00:31 - 2017-05-12 00:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files\MSBuild
2017-05-12 00:26 - 2017-05-12 00:26 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-12 00:26 - 2017-05-12 00:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-12 00:25 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-12 00:25 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-12 00:25 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-12 00:24 - 2017-05-12 00:24 - 00000020 ___SH C:\Users\ASUS\ntuser.ini
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-12 00:19 - 2017-05-12 00:20 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-12 00:12 - 2017-05-31 21:40 - 00002798 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2017-05-12 00:12 - 2017-05-31 21:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-12 00:12 - 2017-05-31 17:50 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F91726F-14C8-4CC1-87A7-1A84A6AD616F}
2017-05-12 00:12 - 2017-05-31 17:50 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-12 00:12 - 2017-05-31 17:50 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-12 00:12 - 2017-05-25 20:24 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-12 00:12 - 2017-05-12 00:29 - 00003266 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-12 00:12 - 2017-05-12 00:12 - 00003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2017-05-12 00:12 - 2017-05-12 00:12 - 00003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2017-05-12 00:12 - 2017-05-12 00:12 - 00002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2017-05-12 00:12 - 2017-05-12 00:12 - 00002926 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2017-05-12 00:12 - 2017-05-12 00:12 - 00002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2017-05-12 00:12 - 2017-05-12 00:12 - 00002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2017-05-12 00:12 - 2017-05-12 00:12 - 00002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2017-05-12 00:12 - 2017-05-12 00:12 - 00002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-12 00:12 - 2017-05-12 00:12 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2017-05-12 00:12 - 2017-05-12 00:12 - 00002214 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2017-05-12 00:12 - 2017-05-12 00:12 - 00001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-12 00:12 - 2017-05-12 00:12 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-12 00:11 - 2017-05-31 19:39 - 01918950 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-12 00:03 - 2017-05-12 00:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-11 23:57 - 2017-05-11 23:57 - 00000000 ____D C:\ProgramData\USOShared
2017-05-11 23:55 - 2017-05-12 00:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-11 23:52 - 2017-05-19 19:39 - 00000000 ____D C:\Users\ASUS
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Šablony
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Soubory cookie
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Poslední
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní tiskárny
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Okolní síť
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Nabídka Start
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Dokumenty
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Obrázky
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Hudba
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Documents\Filmy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\Data aplikací
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-05-11 23:52 - 2017-05-11 23:52 - 00000000 _SHDL C:\Users\ASUS\AppData\Local\Data aplikací
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-11 23:51 - 2017-05-11 23:51 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-11 23:51 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2017-05-11 23:51 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-11 23:51 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-11 23:51 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-11 23:50 - 2017-05-31 21:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-11 23:50 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-11 23:50 - 2017-05-11 23:50 - 00319042 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-11 23:50 - 2017-05-11 23:50 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-05-11 23:49 - 2017-05-31 20:08 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-11 23:49 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files\Intel
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-11 23:49 - 2017-05-11 23:49 - 00000000 ____D C:\Program Files\Realtek
2017-05-11 23:49 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-11 23:49 - 2015-08-15 19:58 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-05-11 23:49 - 2015-08-15 19:58 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-11 23:48 - 2017-05-11 23:56 - 00000000 ____D C:\Program Files (x86)\Intel
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-11 23:48 - 2017-05-11 23:48 - 00000000 ____D C:\ProgramData\SetupTPDriver
2017-05-11 23:46 - 2017-05-31 21:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-11 23:46 - 2017-05-13 11:39 - 00400352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 22:23 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 18:27 - 2017-05-10 18:38 - 164644677 _____ C:\Users\ASUS\Downloads\Spongebob.v.kalhotách.S01E01.Hledá.se.kuchař.-.Odklízení.písku.-.Čaj.s.veverkou.SDTV.x264-PiP.mp4
2017-05-10 17:33 - 2017-05-10 18:14 - 729006536 _____ C:\Users\ASUS\Downloads\Jak-se-zbavit-nevěsty-2016-cz-film,super-kvalita.avi
2017-05-09 21:06 - 2017-05-09 22:01 - 984598056 _____ C:\Users\ASUS\Downloads\2bobule-cz-avi.avi
2017-05-09 20:02 - 2017-05-09 20:44 - 729493504 _____ C:\Users\ASUS\Downloads\Bobule-1-(2007)-Cz.avi
2017-05-04 17:16 - 2017-05-04 18:09 - 926356316 _____ C:\Users\ASUS\Downloads\Výměna-manželek-3.5.2017.avi
2017-05-02 19:46 - 2017-05-02 19:46 - 00039044 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E19.HDTV.x264-SVA.srt
2017-05-02 18:43 - 2017-05-02 18:43 - 00046724 _____ C:\Users\ASUS\Downloads\Once.Upon.a.Time.S06E18.HDTV.x264-SVA.srt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-31 21:44 - 2017-01-02 13:48 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Seznam.cz
2017-05-31 21:44 - 2016-12-29 22:27 - 00000000 ____D C:\Users\ASUS\Desktop\Ostatní
2017-05-31 21:41 - 2016-02-27 19:48 - 00000000 ____D C:\Users\ASUS\AppData\Local\ASUS GIFTBOX
2017-05-31 21:40 - 2016-12-30 00:32 - 00000220 _____ C:\WINDOWS\Tasks\AutoKMSDaily.job
2017-05-31 21:40 - 2016-02-27 19:48 - 00000164 _____ C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-31 21:39 - 2016-02-27 19:48 - 00000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles
2017-05-31 21:37 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 20:11 - 2016-05-21 05:25 - 00000000 ____D C:\Users\ASUS\AppData\Local\Google
2017-05-31 20:10 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\uTorrent
2017-05-31 20:10 - 2016-05-21 05:25 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-31 19:39 - 2017-03-20 06:43 - 00824540 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-31 19:39 - 2017-03-20 06:43 - 00172128 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-31 19:28 - 2017-04-26 20:31 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-31 19:28 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-31 17:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-29 18:49 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-28 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-24 15:46 - 2016-12-30 11:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 15:42 - 2016-12-30 11:55 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 09:04 - 2017-01-02 13:50 - 00002922 ____H C:\Users\ASUS\Downloads\.picasa.ini
2017-05-16 17:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-15 20:46 - 2017-01-02 13:50 - 00000000 ___HD C:\Users\ASUS\Downloads\.picasaoriginals
2017-05-13 11:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-13 11:43 - 2016-12-29 22:11 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.149466863198402
2017-05-13 11:43 - 2016-12-29 22:11 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-13 11:43 - 2016-12-29 22:11 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-13 11:42 - 2017-03-12 16:23 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-13 11:42 - 2016-12-29 22:11 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-13 11:41 - 2016-02-27 16:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-13 00:17 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-12 08:33 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-12 00:45 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-12 00:42 - 2016-02-27 19:49 - 00000000 ____D C:\Users\ASUS\AppData\Local\Packages
2017-05-12 00:40 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-12 00:39 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-12 00:39 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-12 00:29 - 2016-02-27 19:52 - 00002386 _____ C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-12 00:29 - 2016-02-27 19:52 - 00000000 ___RD C:\Users\ASUS\OneDrive
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-12 00:26 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-12 00:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-12 00:22 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-12 00:21 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-12 00:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-12 00:13 - 2017-03-20 06:46 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-12 00:12 - 2017-01-01 21:27 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-12 00:10 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-12 00:04 - 2017-04-17 11:58 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 00:04 - 2017-01-02 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-05-12 00:04 - 2017-01-01 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-05-12 00:04 - 2016-12-30 00:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-05-12 00:04 - 2016-12-29 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2017-05-12 00:04 - 2016-12-29 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-05-12 00:04 - 2016-12-29 22:30 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-05-21 05:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-12 00:04 - 2016-02-27 18:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2017-05-12 00:04 - 2016-02-27 17:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2017-05-12 00:04 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-05-12 00:04 - 2016-02-27 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-12 00:04 - 2015-11-30 19:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-05-12 00:04 - 2015-11-30 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-05-12 00:04 - 2015-11-30 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-12 00:04 - 2015-10-30 20:19 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-11 23:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 23:58 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-11 23:57 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-11 23:57 - 2016-12-31 19:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-11 23:56 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-11 23:56 - 2016-02-27 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2017-05-11 23:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-11 23:51 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
==================== Files in the root of some directories =======
2016-02-27 19:48 - 2017-05-31 21:40 - 0000164 _____ () C:\Users\ASUS\AppData\Roaming\sp_data.sys
2017-05-11 23:50 - 2017-05-11 23:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-23 09:10
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavirovaný notebook, prosim o kontrolu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\ASUS\Desktop\Ostatní jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavirovaný notebook, prosim o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-05-2017
Ran by ASUS (31-05-2017 22:59:10) Run:1
Running from C:\Users\ASUS\Desktop\Ostatní
Loaded Profiles: ASUS (Available Profiles: ASUS)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16956378 B
Java, Flash, Steam htmlcache => 17698063 B
Windows/system/drivers => 515306 B
Edge => 1805 B
Chrome => 25472010 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7048 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 4934 B
NetworkService => 0 B
ASUS => 25914958 B
RecycleBin => 0 B
EmptyTemp: => 90.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:59:23 ====
Ran by ASUS (31-05-2017 22:59:10) Run:1
Running from C:\Users\ASUS\Desktop\Ostatní
Loaded Profiles: ASUS (Available Profiles: ASUS)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
SearchScopes: HKU\S-1-5-21-3780818737-3966584316-312376751-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
C:\ProgramData\DP45977C.lfl
EmptyTemp:
End
*****************
HKU\S-1-5-21-3780818737-3966584316-312376751-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16956378 B
Java, Flash, Steam htmlcache => 17698063 B
Windows/system/drivers => 515306 B
Edge => 1805 B
Chrome => 25472010 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7048 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 4934 B
NetworkService => 0 B
ASUS => 25914958 B
RecycleBin => 0 B
EmptyTemp: => 90.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:59:23 ====
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavirovaný notebook, prosim o kontrolu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavirovaný notebook, prosim o kontrolu
Ano, vypadá to dobře. Děkuji a můžete uzavřít
-
Rudy
- Site Admin
- Příspěvky: 119670
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavirovaný notebook, prosim o kontrolu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?