Dobrý den, prosím o kontrolu logu. NTB je velmi pomalý, HD je pořád na 100% výkonu i když nic není spuštěno.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Simona at 2020-02-15 16:20:51
Microsoft Windows 8.1
System drive C: has 224 GB (78%) free of 286 GB
Total RAM: 3982 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:21:00, on 15. 2. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files\trend micro\Simona.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: (no name) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file)
O2 - BHO: (no name) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-21-3147881395-1193290844-1118327318-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12245 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\WLANExt.exe 339431962896
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {f52042d0-c8e4-4c44-9325bf86896faf0d}
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
KBFiltr.exe
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Program Files\Windows Defender\\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey E06FC321-D025-8498-D6DC-12325F45B35A -Reinvoke
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.130 --initial-client-data=0x58,0x5c,0x60,0x50,0x64,0x7ff9b95edd08,0x7ff9b95edd18,0x7ff9b95edd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4720 --on-initialized-event-handle=8 --parent-handle=296 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=11392424354001867822 --mojo-platform-channel-handle=1068 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=8278880261365931899 --mojo-platform-channel-handle=1308 /prefetch:8
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11661356690105869460 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18300763282204475565 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4496 /prefetch:1
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8712733510068153808 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 588 592 600 65536 596
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1044,2083789448874362410,5746302884310347154,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1146241525299642733 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1992 /prefetch:1
taskeng.exe {5ED49CA3-8087-4863-BDF7-D2830EC92A90}
"C:\Users\Simona\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-09-15 221664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-09-15 166360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-05-30 13550152]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-05-20 1308232]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-03-01 4290240]
"com.squirrel.Teams.Teams"=C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe [2019-07-22 1789552]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-10-14 24552064]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2013-03-08 95192]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2020-02-15 16:20:51 ----D---- C:\rsit
2020-02-15 16:20:51 ----D---- C:\Program Files\trend micro
2020-02-15 16:14:37 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2020-02-15 11:14:55 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2020-02-15 09:39:50 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-02-15 09:39:49 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-02-15 09:39:46 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-02-15 09:39:45 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-02-15 09:39:44 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-02-15 09:39:44 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-02-15 09:39:44 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-02-15 09:39:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-02-15 09:39:42 ----A---- C:\WINDOWS\system32\win32k.sys
2020-02-15 09:39:42 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-02-15 09:39:41 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2020-02-15 09:39:40 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-02-15 09:39:40 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-02-15 09:39:40 ----A---- C:\WINDOWS\system32\wininet.dll
2020-02-15 09:39:40 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-02-15 09:39:39 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-02-15 09:39:39 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2020-02-15 09:39:39 ----A---- C:\WINDOWS\system32\rdpcore.dll
2020-02-15 09:39:39 ----A---- C:\WINDOWS\system32\msi.dll
2020-02-15 09:39:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2020-02-15 09:39:38 ----A---- C:\WINDOWS\system32\iertutil.dll
2020-02-15 09:39:37 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-15 09:39:37 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-02-15 09:39:36 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\uxtheme.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\user32.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\termsrv.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\sysmain.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\jscript.dll
2020-02-15 09:39:36 ----A---- C:\WINDOWS\system32\drivers\http.sys
2020-02-15 09:39:35 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\winload.exe
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\WerFault.exe
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\wer.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2020-02-15 09:39:35 ----A---- C:\WINDOWS\system32\authui.dll
2020-02-15 09:39:34 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2020-02-15 09:39:34 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2020-02-15 09:39:34 ----A---- C:\WINDOWS\system32\Faultrep.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\SYSWOW64\fdWSD.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\wow64.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\wimserv.exe
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\wimgapi.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\rtutils.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\profsvc.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\msfeeds.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-02-15 09:39:33 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2020-02-15 09:39:32 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-02-15 09:39:32 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2020-02-15 09:39:32 ----A---- C:\WINDOWS\SYSWOW64\msfeedsbs.dll
2020-02-15 09:39:32 ----A---- C:\WINDOWS\system32\winresume.exe
2020-02-15 09:39:32 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-02-15 09:39:32 ----A---- C:\WINDOWS\system32\tapisrv.dll
2020-02-15 09:39:32 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2020-02-15 09:39:32 ----A---- C:\WINDOWS\system32\fdWSD.dll
2020-02-15 09:39:31 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2020-02-15 09:39:31 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2020-02-15 09:39:31 ----A---- C:\WINDOWS\system32\wersvc.dll
2020-02-15 09:39:31 ----A---- C:\WINDOWS\system32\webcheck.dll
2020-02-15 09:39:31 ----A---- C:\WINDOWS\system32\keyiso.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\Websocket.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\system32\Websocket.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\system32\dxtrans.dll
2020-02-15 09:39:30 ----A---- C:\WINDOWS\system32\certcli.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\SYSWOW64\UXInit.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\UXInit.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\tquery.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\mshtmled.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\iepeers.dll
2020-02-15 09:39:29 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2020-02-15 09:39:28 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\system32\mssphtb.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\system32\mssph.dll
2020-02-15 09:39:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2020-02-15 09:39:27 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-02-15 09:39:27 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2020-02-15 09:39:27 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:03:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-01-16 09:03:11 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:03:10 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:03:09 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-01-16 09:03:09 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:03:08 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2020-01-16 09:03:08 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2020-01-16 09:03:08 ----A---- C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:03:05 ----A---- C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\SYSWOW64\wiaaut.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\SYSWOW64\sti.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\sti.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:03:04 ----A---- C:\WINDOWS\system32\conhost.exe
2020-01-16 09:03:03 ----A---- C:\WINDOWS\SYSWOW64\wiadss.dll
2020-01-16 09:03:03 ----A---- C:\WINDOWS\system32\wiadss.dll
======List of files/folders modified in the last 1 month======
2020-02-15 16:20:58 ----D---- C:\WINDOWS\Prefetch
2020-02-15 16:20:51 ----RD---- C:\Program Files
2020-02-15 16:20:43 ----D---- C:\WINDOWS\Temp
2020-02-15 16:19:27 ----RD---- C:\WINDOWS\System32
2020-02-15 16:19:27 ----D---- C:\WINDOWS\Inf
2020-02-15 16:19:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-15 16:16:15 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2020-02-15 16:15:01 ----D---- C:\WINDOWS\system32\config
2020-02-15 16:14:46 ----D---- C:\WINDOWS\Microsoft.NET
2020-02-15 16:14:41 ----D---- C:\WINDOWS\WinSxS
2020-02-15 16:14:37 ----D---- C:\WINDOWS\SysWOW64
2020-02-15 16:14:03 ----D---- C:\WINDOWS\system32\DriverStore
2020-02-15 12:25:16 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2020-02-15 12:25:15 ----D---- C:\WINDOWS\system32\drivers
2020-02-15 12:25:15 ----D---- C:\Program Files\Internet Explorer
2020-02-15 12:25:15 ----D---- C:\Program Files (x86)\Internet Explorer
2020-02-15 12:09:37 ----SHD---- C:\System Volume Information
2020-02-15 12:05:54 ----D---- C:\WINDOWS\CbsTemp
2020-02-15 12:03:51 ----D---- C:\WINDOWS\system32\Tasks
2020-02-15 12:03:46 ----D---- C:\WINDOWS\system32\MRT
2020-02-15 12:01:18 ----D---- C:\WINDOWS\debug
2020-02-15 12:01:14 ----AC---- C:\WINDOWS\system32\MRT.exe
2020-02-15 12:00:03 ----D---- C:\WINDOWS\system32\sru
2020-02-15 10:56:11 ----D---- C:\Windows
2020-02-15 09:33:40 ----SHD---- C:\WINDOWS\Installer
2020-02-15 09:33:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-02-15 09:32:47 ----D---- C:\Program Files\Common Files\microsoft shared
2020-02-15 09:27:51 ----D---- C:\Program Files\Microsoft Office
2020-02-15 09:24:16 ----D---- C:\WINDOWS\system32\catroot2
2020-01-26 15:00:54 ----D---- C:\WINDOWS\ModemLogs
2020-01-17 10:22:00 ----D---- C:\WINDOWS\rescache
2020-01-17 09:49:06 ----RD---- C:\WINDOWS\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-12-10 32544]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 ATP;@oem21.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2013-12-12 70928]
R3 bcbtums;@oem10.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-08-07 170712]
R3 BCM43XX;@oem5.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2014-04-18 8462000]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
R3 btwampfl;@oem10.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-09-05 166104]
R3 dtlitescsibus;@oem46.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-03-25 30264]
R3 dtliteusbbus;@oem47.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-03-25 47672]
R3 HIDSwitch;@oem12.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-06-04 3441992]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-01-09 342528]
R3 iwdbus;@oem27.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem13.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-12-10 12572960]
R3 RSBASTOR;@oem3.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-08-04 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2019-10-25 1208320]
S3 btwaudio;@oem6.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-10-10 189144]
S3 btwavdt;@oem6.inf,%btwavdt.SvcDesc%;Bluetooth AVDT; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-10-10 230104]
S3 btwl2cap;@oem9.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2012-07-27 40248]
S3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-10-10 38616]
S3 dg_ssudbus;@oem65.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2019-09-26 136040]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbenumfilter;@oem19.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 Huawei;@oem30.inf,%Huawei.DeviceDesc%;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2010-10-08 32768]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2013-11-30 226176]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 125952]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [2014-09-30 380672]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 intaud_WaveExtensible;@oem26.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 ssudmdm;@oem66.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2019-09-26 166760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-24 81088]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-10-25 976600]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-02-05 11597176]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2014-01-15 351824]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-07-08 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 BcmBtRSupport;@oem10.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-08-07 2252504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe []
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-03-01 1444544]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\elevation_service.exe [2020-01-16 1113072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 264496]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola NTB
Ahoj,
vycisti PC ADWCleanerom + napis aka je velkost adresara plocha
vycisti PC ADWCleanerom + napis aka je velkost adresara plocha
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kontrola NTB
392 MB
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-15-2020
# Duration: 00:00:20
# OS: Windows 8.1
# Cleaned: 97
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SearchesToYesbnd
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\WinTaske
Deleted C:\Program Files (x86)\Winsere
Deleted C:\Users\Public\Documents\dmp
Deleted C:\Users\Simona\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
Deleted C:\Users\Simona\AppData\Roaming\Seznam.cz
Deleted C:\extensions
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF7D2AE1-5CE5-460F-9B2C-1E95CE4B3293}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF7D2AE1-5CE5-460F-9B2C-1E95CE4B3293}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTaske
Deleted HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKLM\Software\Wow6432Node\\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKLM\Software\Wow6432Node\yessearchesSoftware
Deleted HKLM\Software\Wow6432Node\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKLM\Software\Wow6432Node\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Deleted HKLM\Software\Wow6432Node\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
Deleted HKLM\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKU\.DEFAULT\SOFTWARE\1B5F60C5B478AC0A628EB62D5EAFEEF0
Deleted HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKU\S-1-5-18\SOFTWARE\1B5F60C5B478AC0A628EB62D5EAFEEF0
Deleted HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
Deleted http://www.yessearches.com/?mode=nnnb&p ... C3YmC3EpC0..
Deleted http://www.yessearches.com/?mode=nnnb&p ... C3YmC3EpC0..
Deleted yessearches
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSInstantOn Folder C:\Program Files (x86)\ASUS\ASUS INSTANTON
Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCF0AF66-00E2-4CDF-A911-67A3C31D8445}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07F90FC9-FDFC-41C3-9CAD-536474AC4218}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0AF66-00E2-4CDF-A911-67A3C31D8445}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update1
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\ASUS LIVE UPDATE1
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSPRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted Preinstalled.ASUSScreenSaver Folder C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted Preinstalled.ASUSScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2310EC44-7299-4867-9F0B-994D13CC084A}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BD21041-AF5E-4779-B822-40910965570D}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34276F0-3DA8-4BDA-8551-B43A0E9271F7}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ColorU
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID COLORU
Deleted Preinstalled.ASUSVibe Folder C:\Program Files (x86)\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{14B9BE65-3FE7-4BD3-B394-6004C3694597}
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B9BE65-3FE7-4BD3-B394-6004C3694597}
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AsusVibeSchedule
Deleted Preinstalled.ASUSVibe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted Preinstalled.ASUSVibe Task C:\Windows\System32\Tasks\ASUSVIBESCHEDULE
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE SYNC AGENT
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE SYNC AGENT
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\AZTECA
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CUT THE ROPE
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PENGUINS!
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TALES OF LAGOONA
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-asus-genres
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [12288 octets] - [15/02/2020 17:24:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-15-2020
# Duration: 00:00:20
# OS: Windows 8.1
# Cleaned: 97
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SearchesToYesbnd
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\WinTaske
Deleted C:\Program Files (x86)\Winsere
Deleted C:\Users\Public\Documents\dmp
Deleted C:\Users\Simona\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
Deleted C:\Users\Simona\AppData\Roaming\Seznam.cz
Deleted C:\extensions
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF7D2AE1-5CE5-460F-9B2C-1E95CE4B3293}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF7D2AE1-5CE5-460F-9B2C-1E95CE4B3293}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinTaske
Deleted HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKLM\Software\Wow6432Node\\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Deleted HKLM\Software\Wow6432Node\yessearchesSoftware
Deleted HKLM\Software\Wow6432Node\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKLM\Software\Wow6432Node\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
Deleted HKLM\Software\Wow6432Node\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
Deleted HKLM\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKU\.DEFAULT\SOFTWARE\1B5F60C5B478AC0A628EB62D5EAFEEF0
Deleted HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
Deleted HKU\S-1-5-18\SOFTWARE\1B5F60C5B478AC0A628EB62D5EAFEEF0
Deleted HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
***** [ Chromium (and derivatives) ] *****
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko
***** [ Chromium URLs ] *****
Deleted http://www.yessearches.com/?mode=nnnb&p ... C3YmC3EpC0..
Deleted http://www.yessearches.com/?mode=nnnb&p ... C3YmC3EpC0..
Deleted yessearches
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ASUSInstantOn Folder C:\Program Files (x86)\ASUS\ASUS INSTANTON
Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCF0AF66-00E2-4CDF-A911-67A3C31D8445}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07F90FC9-FDFC-41C3-9CAD-536474AC4218}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCF0AF66-00E2-4CDF-A911-67A3C31D8445}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update1
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\ASUS LIVE UPDATE1
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSPRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted Preinstalled.ASUSScreenSaver Folder C:\Program Files (x86)\ASUS\ASUS SCREEN SAVER
Deleted Preinstalled.ASUSScreenSaver Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2310EC44-7299-4867-9F0B-994D13CC084A}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BD21041-AF5E-4779-B822-40910965570D}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34276F0-3DA8-4BDA-8551-B43A0E9271F7}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ColorU
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID COLORU
Deleted Preinstalled.ASUSVibe Folder C:\Program Files (x86)\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{14B9BE65-3FE7-4BD3-B394-6004C3694597}
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B9BE65-3FE7-4BD3-B394-6004C3694597}
Deleted Preinstalled.ASUSVibe Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AsusVibeSchedule
Deleted Preinstalled.ASUSVibe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted Preinstalled.ASUSVibe Task C:\Windows\System32\Tasks\ASUSVIBESCHEDULE
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE SYNC AGENT
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WEBSTORAGE SYNC AGENT
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\AZTECA
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\CUT THE ROPE
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PENGUINS!
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TALES OF LAGOONA
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-asus-genres
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [12288 octets] - [15/02/2020 17:24:16]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Kontrola NTB
Plocha OK
vycisti PC CCleanerom - hlavne registre
Restart a napis, ci je to lepsie
Ak, nie vloz oba logy FRST
vycisti PC CCleanerom - hlavne registre
Restart a napis, ci je to lepsie
Ak, nie vloz oba logy FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kontrola NTB
Ahoj, NTB je znatelně rychlejší. Díky! Nicméně pro jistotu přikládám ještě logy z RSFT
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by Simona (administrator) on SIMONKA (ASUSTeK COMPUTER INC. X550VB) (16-02-2020 09:04:50)
Running from C:\Users\Simona\Desktop
Loaded Profiles: UpdatusUser & Simona (Available Profiles: UpdatusUser & Simona)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-07-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e773-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e99c-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {6cd0e6f6-71a4-11e4-be7e-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {9610e78f-ed15-11e5-be93-28e34790c99f} - "G:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-10-25] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D8C771E-A0EF-4368-BAA9-856DE568EFB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0E3B32FC-5FD4-4DD2-B7ED-081200912B39} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {116C41DA-2ADB-43D9-B1B4-53027874354D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {332B1CD6-4ED7-4360-BA68-4E27E5E0E70C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {574E26B8-4CBB-48BF-84AE-AD3A698564A0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {59EAF83B-C5CA-458A-99B6-083DBCDFD151} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6BE0E7B5-1AF3-4C90-A25F-DA0BD67BD95C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C8425ED-828E-4032-91F4-3AAE3DD7AD5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {8846A91B-5EFF-4185-B8F1-D541B0D9A22E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {973E1323-031D-4262-9E29-1D2479765886} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {985D769D-074C-4F1A-893A-6C1769CF701C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {BB4FA7BE-26F1-4782-BF57-FBC094F02363} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB9C766B-50C1-4685-9B20-634D6A692B98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDCB3834-DC9B-42F0-8C7D-9B49DED4FC9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7F8FC6A-7C74-49F1-AAA9-5DD07701354F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349960 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
Task: {D763BED0-3B92-49FC-9902-343F3FEE5AF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8F7066D4-7694-4C57-8A65-84AF34554C33}: [DhcpNameServer] 192.168.56.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {853715EE-F728-4694-B4BB-90C4F45A5031} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2020-02-16]
CHR Notifications: Default -> hxxps://www.dobre-knihy.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-31]
CHR Extension: (YouTube) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597176 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 O2 Internet. RunOuc; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [226176 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-16 09:04 - 2020-02-16 09:05 - 000026901 _____ C:\Users\Simona\Desktop\FRST.txt
2020-02-16 09:04 - 2020-02-16 09:05 - 000000000 ____D C:\FRST
2020-02-16 09:02 - 2020-02-16 09:02 - 002279424 _____ (Farbar) C:\Users\Simona\Desktop\FRST64.exe
2020-02-15 17:23 - 2020-02-15 17:25 - 000000000 ____D C:\AdwCleaner
2020-02-15 17:23 - 2020-02-15 17:23 - 008356016 _____ (Malwarebytes) C:\Users\Simona\Downloads\adwcleaner_8.0.2.exe
2020-02-15 16:20 - 2020-02-15 16:21 - 000000000 ____D C:\rsit
2020-02-15 16:20 - 2020-02-15 16:21 - 000000000 ____D C:\Program Files\trend micro
2020-02-15 16:20 - 2020-02-15 16:20 - 001222144 _____ C:\Users\Simona\Downloads\RSITx64.exe
2020-02-15 16:14 - 2020-02-03 20:04 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-15 16:14 - 2020-02-03 20:04 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-15 11:14 - 2019-09-25 07:30 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-02-15 09:39 - 2020-02-05 06:21 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-15 09:39 - 2020-01-28 09:19 - 007364048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-15 09:39 - 2020-01-28 09:06 - 001737504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-15 09:39 - 2020-01-28 09:06 - 001677024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-15 09:39 - 2020-01-28 09:06 - 001537768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-15 09:39 - 2020-01-28 09:06 - 001500848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-15 09:39 - 2020-01-28 09:06 - 001371256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-15 09:39 - 2020-01-28 07:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-15 09:39 - 2020-01-28 07:47 - 001501912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-15 09:39 - 2020-01-28 06:55 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-15 09:39 - 2020-01-20 22:48 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-15 09:39 - 2020-01-20 20:32 - 001115136 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-15 09:39 - 2020-01-20 19:46 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-15 09:39 - 2020-01-20 19:42 - 007038464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-15 09:39 - 2020-01-20 19:41 - 003826176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-15 09:39 - 2020-01-20 19:41 - 003551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-15 09:39 - 2020-01-20 19:38 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-15 09:39 - 2020-01-20 19:36 - 003278336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-15 09:39 - 2020-01-16 18:46 - 025754624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-15 09:39 - 2020-01-16 17:11 - 002910720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-15 09:39 - 2020-01-16 17:09 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-02-15 09:39 - 2020-01-16 17:08 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-02-15 09:39 - 2020-01-16 17:03 - 001113848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-15 09:39 - 2020-01-16 16:59 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-15 09:39 - 2020-01-16 16:58 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-15 09:39 - 2020-01-16 16:56 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-15 09:39 - 2020-01-16 16:50 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-02-15 09:39 - 2020-01-16 16:40 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-02-15 09:39 - 2020-01-16 16:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-02-15 09:39 - 2020-01-16 16:37 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-15 09:39 - 2020-01-16 16:36 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-15 09:39 - 2020-01-16 16:36 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-02-15 09:39 - 2020-01-16 16:35 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2020-02-15 09:39 - 2020-01-16 16:34 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-02-15 09:39 - 2020-01-16 16:30 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-02-15 09:39 - 2020-01-16 16:30 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-15 09:39 - 2020-01-16 16:24 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-02-15 09:39 - 2020-01-16 16:24 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-02-15 09:39 - 2020-01-16 16:22 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-15 09:39 - 2020-01-16 16:22 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-15 09:39 - 2020-01-16 16:21 - 001441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-15 09:39 - 2020-01-16 16:20 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-15 09:39 - 2020-01-16 16:20 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-15 09:39 - 2020-01-16 16:15 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-15 09:39 - 2020-01-16 16:14 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-15 09:39 - 2020-01-16 16:13 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-15 09:39 - 2020-01-16 16:12 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-02-15 09:39 - 2020-01-16 16:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2020-02-15 09:39 - 2020-01-16 16:09 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-02-15 09:39 - 2020-01-16 16:08 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-15 09:39 - 2020-01-16 16:06 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-15 09:39 - 2020-01-16 16:05 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2020-02-15 09:39 - 2020-01-16 16:04 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-15 09:39 - 2020-01-16 16:03 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-15 09:39 - 2020-01-16 16:00 - 013854208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-15 09:39 - 2020-01-16 15:59 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-15 09:39 - 2020-01-16 15:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-15 09:39 - 2020-01-16 15:57 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-15 09:39 - 2020-01-16 15:46 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-02-15 09:39 - 2020-01-16 15:45 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-15 09:39 - 2020-01-16 15:42 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-15 09:39 - 2020-01-16 15:40 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-02-15 09:39 - 2020-01-15 23:21 - 001165672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-15 09:39 - 2020-01-15 23:18 - 000959248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-15 09:39 - 2020-01-13 16:29 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-15 09:39 - 2020-01-13 16:13 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-15 09:39 - 2020-01-13 16:12 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-15 09:39 - 2020-01-13 16:02 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-15 09:39 - 2020-01-11 20:07 - 001546488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-15 09:39 - 2020-01-11 20:05 - 001541896 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-15 09:39 - 2020-01-11 17:57 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-15 09:39 - 2020-01-11 17:49 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-15 09:39 - 2020-01-11 17:44 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-15 09:39 - 2020-01-11 17:35 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-15 09:39 - 2020-01-10 18:28 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-15 09:39 - 2020-01-10 16:01 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-15 09:39 - 2020-01-10 00:31 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-15 09:39 - 2020-01-10 00:20 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-15 09:39 - 2020-01-10 00:18 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-15 09:39 - 2020-01-10 00:18 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2020-02-15 09:39 - 2020-01-10 00:11 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-15 09:39 - 2020-01-10 00:02 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-15 09:39 - 2020-01-10 00:00 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-15 09:39 - 2020-01-09 23:36 - 000905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-15 09:39 - 2020-01-09 23:35 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-15 09:39 - 2020-01-09 23:30 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-15 09:39 - 2020-01-09 23:22 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-15 09:39 - 2020-01-09 23:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-15 09:39 - 2020-01-09 23:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-15 09:39 - 2020-01-09 23:13 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-15 09:39 - 2020-01-09 22:55 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-15 09:39 - 2020-01-09 22:54 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-15 09:39 - 2020-01-08 19:29 - 003326464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-15 09:39 - 2020-01-08 18:40 - 003622912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-15 09:39 - 2020-01-08 18:28 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2020-02-15 09:39 - 2020-01-08 17:57 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2020-02-15 09:39 - 2019-12-20 16:03 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-15 09:39 - 2019-12-20 01:17 - 000139912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-15 09:39 - 2019-12-20 01:16 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-15 09:39 - 2019-12-20 01:16 - 000466816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-15 09:39 - 2019-12-20 01:16 - 000415224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-15 09:39 - 2019-12-20 01:12 - 000374072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000136944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-15 09:39 - 2019-12-18 20:52 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-15 09:39 - 2019-12-17 02:19 - 001191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-02-15 09:39 - 2019-12-17 02:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2020-02-15 09:39 - 2019-12-17 01:39 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2020-02-15 09:39 - 2019-12-17 00:44 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-02-15 09:39 - 2019-12-12 08:01 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-15 09:39 - 2019-12-12 07:43 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-15 09:39 - 2019-12-07 21:08 - 000990160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-16 09:04 - 2014-09-24 17:23 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-16 09:04 - 2014-09-24 16:39 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-16 09:04 - 2014-09-24 16:39 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-16 09:04 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-02-16 08:54 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-16 08:52 - 2014-11-21 18:40 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF622C8F-693B-44EE-8E1F-F8C5DFE8E56D}
2020-02-15 17:49 - 2014-11-17 17:52 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3147881395-1193290844-1118327318-1002
2020-02-15 17:26 - 2013-05-01 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-02-15 17:26 - 2013-05-01 12:16 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-02-15 17:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-02-15 16:18 - 2014-11-07 19:20 - 000000062 _____ C:\Users\Simona\AppData\Roaming\sp_data.sys
2020-02-15 16:12 - 2013-08-22 15:44 - 000489608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-15 12:28 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-02-15 12:25 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-02-15 12:05 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-15 12:03 - 2015-05-13 13:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2020-02-15 12:03 - 2014-11-07 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-15 12:01 - 2014-11-07 21:30 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-15 10:57 - 2014-11-17 17:20 - 000000000 ____D C:\Users\UpdatusUser
2020-02-15 09:33 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-15 09:32 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-15 09:27 - 2016-11-06 14:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-10 19:12 - 2019-07-17 16:15 - 000003174 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3147881395-1193290844-1118327318-1002
2020-02-10 19:11 - 2019-07-17 16:15 - 000002305 _____ C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2020-02-05 12:57 - 2014-11-07 19:27 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 12:57 - 2014-11-07 19:26 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-26 15:00 - 2012-07-26 09:12 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-01-23 06:35 - 2014-11-07 19:28 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-18 12:43 - 2019-06-19 16:23 - 000185344 _____ C:\Users\Simona\Downloads\Filmoteka.xls
==================== Files in the root of some directories ========
2014-11-07 19:20 - 2020-02-15 16:18 - 000000062 _____ () C:\Users\Simona\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-15 11:40
==================== End of FRST.txt ========================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by Simona (16-02-2020 09:06:56)
Running from C:\Users\Simona\Desktop
Windows 8.1 (Update) (X64) (2014-11-17 16:43:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3147881395-1193290844-1118327318-500 - Administrator - Disabled)
Guest (S-1-5-21-3147881395-1193290844-1118327318-501 - Limited - Disabled)
Simona (S-1-5-21-3147881395-1193290844-1118327318-1002 - Administrator - Enabled) => C:\Users\Simona
UpdatusUser (S-1-5-21-3147881395-1193290844-1118327318-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.170 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20606 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Packages:
=========
ASUS Tutorial -> C:\Program Files\WindowsApps\B9ECED6F.ASUSTutorial_1.0.0.43_neutral__qmba6cd70vzyy [2014-11-07] (ASUSTeK COMPUTER INC.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-02-07] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-10] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-18] (Microsoft Corporation) [MS Ad]
Výběr prohlížeče -> C:\WINDOWS\BrowserChoice [2014-11-21] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2013-07-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Simona\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta programu Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{075C8C06-DC1A-41D3-A86F-3DD9CBD8CB51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{3BCC1669-4C41-4DF3-ACEA-F34DFB70F79C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3227D96C-8A7C-407C-A11F-B9165331FE48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C02CC1D-D421-418F-B773-2BC6DD4E760B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FF6A955-E2C5-4CFD-9F56-0560C28EC5B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{53D7A275-4C4D-4DF4-9058-A943D4960A0F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3E898F03-B780-40BA-BEDF-8B1C26B4FD3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{658B122A-E253-483F-A806-BB9CA09DC9E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CSDSteamBuild.exe (Vertigo Gaming ) [File not signed]
FirewallRules: [{5DB4C777-A83C-4144-8F92-FE09B775E5E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CSDSteamBuild.exe (Vertigo Gaming ) [File not signed]
FirewallRules: [{BE4527CE-2A5B-4184-9400-66CCB5774BE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F7EF5EB-E1C4-446F-A123-603E4CFC5036}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{487CD657-2EA0-4FEC-BD28-AD13263AFAF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51CDDE24-016D-4F5B-AECD-FB175F173F28}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6B81296-66BF-470E-BD47-4D9F029AE160}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{968EA77F-2733-4D95-B7E6-6F08AE4541D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4138446-977A-4488-BB59-8B4B906C7313}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC6500B4-3FF1-4C6C-BE98-77B8C084D862}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7557C0F4-7CA2-4288-B1C5-362A979219E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DFEB9F6-0B4C-487E-BD1B-27A295C1C4A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
01-02-2020 11:08:39 Naplánovaný kontrolní bod
15-02-2020 11:41:07 Windows Update
15-02-2020 17:25:12 AdwCleaner_BeforeCleaning_15/02/2020_17:25:12
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/06/2020 04:18:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).
Error: (02/02/2020 06:34:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdateChecker.exe, verze: 0.0.0.0, časové razítko: 0x54dc4378
Název chybujícího modulu: alvupdt.dll, verze: 1.0.0.10, časové razítko: 0x5510b8fc
Kód výjimky: 0xc0000005
Posun chyby: 0x00016eb6
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0x01d5d9c776d0ee79
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
ID zprávy: 4d00e7ac-45e2-11ea-beda-10c37b1f4c4e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (3316) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1216.
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex (3316) WebCacheLocal: Obnovení databáze se nezdařilo a došlo k chybě -1216, protože byly zjištěny odkazy na databázi C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která již není k dispozici. Databáze nebyla před odebráním (či případným přesunutím nebo přejmenováním) převedena do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud nebude znovu vytvořena instance chybějící databáze. Pokud databáze již skutečně není k dispozici a není již nadále požadována, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po klepnutí na odkaz Další informace na konci této zprávy.
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostex (3316) WebCacheLocal: Pokus o otevření souboru C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (1644) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -501.
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhostex (1644) WebCacheLocal: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\V01.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 124 (0x0000007C). Soubor je poškozený a nelze jej použít.
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 477) (User: )
Description: taskhostex (1644) WebCacheLocal: Ověření načtení rozsahu protokolu ze souboru C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\V01.log s posunem 507904 (0x000000000007c000) o 4096 (0x00001000) bajtů se nezdařilo. Došlo k neshodě kontrolního součtu rozsahu. Byl očekáván kontrolní součet 269938621679464145 (0x3bf03bf085ceed1), ale skutečný kontrolní součet byl 269938621679464145 (0x3bf03bf085ceed1). Operace čtení se nezdaří a dojde k chybě -501 (0xfffffe0b). Pokud tento stav potrvá, obnovte soubor protokolu z předchozí zálohy.
System errors:
=============
Error: (02/16/2020 08:55:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.
Error: (02/16/2020 08:54:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:29:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.
Error: (02/15/2020 05:28:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:28:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Asus WebStorage Windows Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:28:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ASUS InstantOn Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:26:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (02/15/2020 05:26:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll
Windows Defender:
===================================
Date: 2020-02-01 10:51:11.836
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FEF98672-EC9B-432B-94A4-3B6C29011196}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-01 10:21:23.128
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0CE2726C-9578-40D8-9152-2C5E20311D04}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-31 19:29:48.456
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {74A2EDC3-1902-45FA-A3B2-572712C8EB0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-31 19:03:24.488
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CD623329-EE3B-46D2-AD1F-A8CC4D6596B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-28 10:41:16.893
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A273A1DF-CED4-4DA9-A563-BA60D912D103}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-05 19:17:27.752
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-24 15:25:46.125
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-24 06:40:31.584
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-10 20:23:31.700
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-07 12:15:07.792
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===================================
Date: 2020-02-15 11:50:48.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-17 09:44:18.331
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-07 19:06:53.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-12-12 08:15:12.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-11-14 09:29:48.666
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-24 16:01:48.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-11 07:44:06.780
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-09-13 15:27:08.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X550VB.217 01/22/2014
Motherboard: ASUSTeK COMPUTER INC. X550VB
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 3981.62 MB
Available physical RAM: 2025.64 MB
Total Virtual: 4685.62 MB
Available Virtual: 2766.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:217.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:312.62 GB) NTFS
\\?\Volume{4ec93e8b-60c7-4f7e-bd0a-6a7aee10ca0f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS
\\?\Volume{c1f80401-266d-4ced-94dd-624c8a0e5d2c}\ () (Fixed) (Total:0.44 GB) (Free:0.18 GB) NTFS
\\?\Volume{0e2f1965-50a9-4f22-9982-4839cadcf9fa}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.82 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2967614A)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by Simona (administrator) on SIMONKA (ASUSTeK COMPUTER INC. X550VB) (16-02-2020 09:04:50)
Running from C:\Users\Simona\Desktop
Loaded Profiles: UpdatusUser & Simona (Available Profiles: UpdatusUser & Simona)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Simona\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-07-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e773-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e99c-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {6cd0e6f6-71a4-11e4-be7e-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {9610e78f-ed15-11e5-be93-28e34790c99f} - "G:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-10-25] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-04-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D8C771E-A0EF-4368-BAA9-856DE568EFB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0E3B32FC-5FD4-4DD2-B7ED-081200912B39} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {116C41DA-2ADB-43D9-B1B4-53027874354D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {332B1CD6-4ED7-4360-BA68-4E27E5E0E70C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {574E26B8-4CBB-48BF-84AE-AD3A698564A0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {57900425-CC33-49DE-A3AF-0DD8FFD94E22} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
Task: {59EAF83B-C5CA-458A-99B6-083DBCDFD151} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6901F6BA-3969-45FD-96F1-1EBA30838E42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {6BE0E7B5-1AF3-4C90-A25F-DA0BD67BD95C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C8425ED-828E-4032-91F4-3AAE3DD7AD5B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {8846A91B-5EFF-4185-B8F1-D541B0D9A22E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8F2D27CD-18D4-41A5-AE17-C91D4952A283} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {973E1323-031D-4262-9E29-1D2479765886} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {985D769D-074C-4F1A-893A-6C1769CF701C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {BB4FA7BE-26F1-4782-BF57-FBC094F02363} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB9C766B-50C1-4685-9B20-634D6A692B98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDCB3834-DC9B-42F0-8C7D-9B49DED4FC9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7F8FC6A-7C74-49F1-AAA9-5DD07701354F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349960 2020-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5476147-2D0E-4D88-903A-B222216E381C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
Task: {D763BED0-3B92-49FC-9902-343F3FEE5AF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{58E7C123-E521-437B-AE3C-EACAC3600A7E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8F7066D4-7694-4C57-8A65-84AF34554C33}: [DhcpNameServer] 192.168.56.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002 -> {853715EE-F728-4694-B4BB-90C4F45A5031} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2020-02-16]
CHR Notifications: Default -> hxxps://www.dobre-knihy.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-28]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-31]
CHR Extension: (YouTube) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597176 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 O2 Internet. RunOuc; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [226176 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-16 09:04 - 2020-02-16 09:05 - 000026901 _____ C:\Users\Simona\Desktop\FRST.txt
2020-02-16 09:04 - 2020-02-16 09:05 - 000000000 ____D C:\FRST
2020-02-16 09:02 - 2020-02-16 09:02 - 002279424 _____ (Farbar) C:\Users\Simona\Desktop\FRST64.exe
2020-02-15 17:23 - 2020-02-15 17:25 - 000000000 ____D C:\AdwCleaner
2020-02-15 17:23 - 2020-02-15 17:23 - 008356016 _____ (Malwarebytes) C:\Users\Simona\Downloads\adwcleaner_8.0.2.exe
2020-02-15 16:20 - 2020-02-15 16:21 - 000000000 ____D C:\rsit
2020-02-15 16:20 - 2020-02-15 16:21 - 000000000 ____D C:\Program Files\trend micro
2020-02-15 16:20 - 2020-02-15 16:20 - 001222144 _____ C:\Users\Simona\Downloads\RSITx64.exe
2020-02-15 16:14 - 2020-02-03 20:04 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-15 16:14 - 2020-02-03 20:04 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-15 11:14 - 2019-09-25 07:30 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2020-02-15 09:39 - 2020-02-05 06:21 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-02-15 09:39 - 2020-01-28 09:19 - 007364048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-15 09:39 - 2020-01-28 09:06 - 001737504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-15 09:39 - 2020-01-28 09:06 - 001677024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-15 09:39 - 2020-01-28 09:06 - 001537768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-15 09:39 - 2020-01-28 09:06 - 001500848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-15 09:39 - 2020-01-28 09:06 - 001371256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-15 09:39 - 2020-01-28 07:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-15 09:39 - 2020-01-28 07:47 - 001501912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-15 09:39 - 2020-01-28 06:55 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-15 09:39 - 2020-01-20 22:48 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-15 09:39 - 2020-01-20 20:32 - 001115136 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-02-15 09:39 - 2020-01-20 19:46 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-15 09:39 - 2020-01-20 19:42 - 007038464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-15 09:39 - 2020-01-20 19:41 - 003826176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-15 09:39 - 2020-01-20 19:41 - 003551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-15 09:39 - 2020-01-20 19:38 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-15 09:39 - 2020-01-20 19:36 - 003278336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-15 09:39 - 2020-01-16 18:46 - 025754624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-15 09:39 - 2020-01-16 17:11 - 002910720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-15 09:39 - 2020-01-16 17:09 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-02-15 09:39 - 2020-01-16 17:08 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-02-15 09:39 - 2020-01-16 17:03 - 001113848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-15 09:39 - 2020-01-16 16:59 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-15 09:39 - 2020-01-16 16:58 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-15 09:39 - 2020-01-16 16:56 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-15 09:39 - 2020-01-16 16:50 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-02-15 09:39 - 2020-01-16 16:40 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-02-15 09:39 - 2020-01-16 16:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-02-15 09:39 - 2020-01-16 16:37 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-15 09:39 - 2020-01-16 16:36 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-15 09:39 - 2020-01-16 16:36 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-02-15 09:39 - 2020-01-16 16:35 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2020-02-15 09:39 - 2020-01-16 16:34 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-02-15 09:39 - 2020-01-16 16:30 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-02-15 09:39 - 2020-01-16 16:30 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-15 09:39 - 2020-01-16 16:24 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-02-15 09:39 - 2020-01-16 16:24 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-02-15 09:39 - 2020-01-16 16:22 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-02-15 09:39 - 2020-01-16 16:22 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-02-15 09:39 - 2020-01-16 16:21 - 001441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-15 09:39 - 2020-01-16 16:20 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-15 09:39 - 2020-01-16 16:20 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-02-15 09:39 - 2020-01-16 16:15 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-15 09:39 - 2020-01-16 16:14 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-15 09:39 - 2020-01-16 16:13 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-15 09:39 - 2020-01-16 16:12 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-02-15 09:39 - 2020-01-16 16:12 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2020-02-15 09:39 - 2020-01-16 16:09 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-02-15 09:39 - 2020-01-16 16:08 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-15 09:39 - 2020-01-16 16:06 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-15 09:39 - 2020-01-16 16:05 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2020-02-15 09:39 - 2020-01-16 16:04 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-02-15 09:39 - 2020-01-16 16:03 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-02-15 09:39 - 2020-01-16 16:00 - 013854208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-15 09:39 - 2020-01-16 15:59 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-15 09:39 - 2020-01-16 15:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-15 09:39 - 2020-01-16 15:57 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-15 09:39 - 2020-01-16 15:46 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-02-15 09:39 - 2020-01-16 15:45 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-15 09:39 - 2020-01-16 15:42 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-15 09:39 - 2020-01-16 15:40 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-02-15 09:39 - 2020-01-15 23:21 - 001165672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-15 09:39 - 2020-01-15 23:18 - 000959248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-15 09:39 - 2020-01-13 16:29 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-15 09:39 - 2020-01-13 16:13 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-15 09:39 - 2020-01-13 16:12 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-15 09:39 - 2020-01-13 16:02 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-15 09:39 - 2020-01-11 20:07 - 001546488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-15 09:39 - 2020-01-11 20:05 - 001541896 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-15 09:39 - 2020-01-11 17:57 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-15 09:39 - 2020-01-11 17:49 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-15 09:39 - 2020-01-11 17:44 - 001377280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-15 09:39 - 2020-01-11 17:35 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-15 09:39 - 2020-01-10 18:28 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-15 09:39 - 2020-01-10 16:01 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-15 09:39 - 2020-01-10 00:31 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-15 09:39 - 2020-01-10 00:20 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-15 09:39 - 2020-01-10 00:18 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-15 09:39 - 2020-01-10 00:18 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2020-02-15 09:39 - 2020-01-10 00:11 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-15 09:39 - 2020-01-10 00:02 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-15 09:39 - 2020-01-10 00:00 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-15 09:39 - 2020-01-09 23:36 - 000905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-15 09:39 - 2020-01-09 23:35 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-15 09:39 - 2020-01-09 23:30 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-15 09:39 - 2020-01-09 23:22 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-15 09:39 - 2020-01-09 23:21 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-15 09:39 - 2020-01-09 23:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-15 09:39 - 2020-01-09 23:13 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-15 09:39 - 2020-01-09 22:55 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-15 09:39 - 2020-01-09 22:54 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-15 09:39 - 2020-01-08 19:29 - 003326464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-15 09:39 - 2020-01-08 18:40 - 003622912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-15 09:39 - 2020-01-08 18:28 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2020-02-15 09:39 - 2020-01-08 17:57 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2020-02-15 09:39 - 2019-12-20 16:03 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-15 09:39 - 2019-12-20 01:17 - 000139912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-15 09:39 - 2019-12-20 01:16 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-15 09:39 - 2019-12-20 01:16 - 000466816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-15 09:39 - 2019-12-20 01:16 - 000415224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-15 09:39 - 2019-12-20 01:12 - 000374072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-15 09:39 - 2019-12-20 01:12 - 000136944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-15 09:39 - 2019-12-18 20:52 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-15 09:39 - 2019-12-17 02:19 - 001191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-02-15 09:39 - 2019-12-17 02:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2020-02-15 09:39 - 2019-12-17 01:39 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2020-02-15 09:39 - 2019-12-17 00:44 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-02-15 09:39 - 2019-12-12 08:01 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-15 09:39 - 2019-12-12 07:43 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-15 09:39 - 2019-12-07 21:08 - 000990160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-16 09:04 - 2014-09-24 17:23 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-16 09:04 - 2014-09-24 16:39 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-16 09:04 - 2014-09-24 16:39 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-16 09:04 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-02-16 08:54 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-16 08:52 - 2014-11-21 18:40 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FF622C8F-693B-44EE-8E1F-F8C5DFE8E56D}
2020-02-15 17:49 - 2014-11-17 17:52 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3147881395-1193290844-1118327318-1002
2020-02-15 17:26 - 2013-05-01 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2020-02-15 17:26 - 2013-05-01 12:16 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-02-15 17:16 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2020-02-15 16:18 - 2014-11-07 19:20 - 000000062 _____ C:\Users\Simona\AppData\Roaming\sp_data.sys
2020-02-15 16:12 - 2013-08-22 15:44 - 000489608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-15 12:28 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-02-15 12:25 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-02-15 12:05 - 2012-07-26 08:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-15 12:03 - 2015-05-13 13:33 - 000003464 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2020-02-15 12:03 - 2014-11-07 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-15 12:01 - 2014-11-07 21:30 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-15 10:57 - 2014-11-17 17:20 - 000000000 ____D C:\Users\UpdatusUser
2020-02-15 09:33 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-15 09:32 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-15 09:27 - 2016-11-06 14:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-10 19:12 - 2019-07-17 16:15 - 000003174 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3147881395-1193290844-1118327318-1002
2020-02-10 19:11 - 2019-07-17 16:15 - 000002305 _____ C:\Users\Simona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2020-02-05 12:57 - 2014-11-07 19:27 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 12:57 - 2014-11-07 19:26 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-26 15:00 - 2012-07-26 09:12 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-01-23 06:35 - 2014-11-07 19:28 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-18 12:43 - 2019-06-19 16:23 - 000185344 _____ C:\Users\Simona\Downloads\Filmoteka.xls
==================== Files in the root of some directories ========
2014-11-07 19:20 - 2020-02-15 16:18 - 000000062 _____ () C:\Users\Simona\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-02-15 11:40
==================== End of FRST.txt ========================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by Simona (16-02-2020 09:06:56)
Running from C:\Users\Simona\Desktop
Windows 8.1 (Update) (X64) (2014-11-17 16:43:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3147881395-1193290844-1118327318-500 - Administrator - Disabled)
Guest (S-1-5-21-3147881395-1193290844-1118327318-501 - Limited - Disabled)
Simona (S-1-5-21-3147881395-1193290844-1118327318-1002 - Administrator - Enabled) => C:\Users\Simona
UpdatusUser (S-1-5-21-3147881395-1193290844-1118327318-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.170 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20606 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
Windows Driver Package - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Packages:
=========
ASUS Tutorial -> C:\Program Files\WindowsApps\B9ECED6F.ASUSTutorial_1.0.0.43_neutral__qmba6cd70vzyy [2014-11-07] (ASUSTeK COMPUTER INC.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-02-07] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-01] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-10] (MAGIX)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-18] (Microsoft Corporation) [MS Ad]
Výběr prohlížeče -> C:\WINDOWS\BrowserChoice [2014-11-21] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3147881395-1193290844-1118327318-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Simona\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2013-07-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
HKU\S-1-5-21-3147881395-1193290844-1118327318-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Simona\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Tapeta programu Fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{075C8C06-DC1A-41D3-A86F-3DD9CBD8CB51}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{3BCC1669-4C41-4DF3-ACEA-F34DFB70F79C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3227D96C-8A7C-407C-A11F-B9165331FE48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C02CC1D-D421-418F-B773-2BC6DD4E760B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FF6A955-E2C5-4CFD-9F56-0560C28EC5B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{53D7A275-4C4D-4DF4-9058-A943D4960A0F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3E898F03-B780-40BA-BEDF-8B1C26B4FD3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{658B122A-E253-483F-A806-BB9CA09DC9E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CSDSteamBuild.exe (Vertigo Gaming ) [File not signed]
FirewallRules: [{5DB4C777-A83C-4144-8F92-FE09B775E5E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CookServeDelicious\CSDSteamBuild.exe (Vertigo Gaming ) [File not signed]
FirewallRules: [{BE4527CE-2A5B-4184-9400-66CCB5774BE7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1F7EF5EB-E1C4-446F-A123-603E4CFC5036}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{487CD657-2EA0-4FEC-BD28-AD13263AFAF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51CDDE24-016D-4F5B-AECD-FB175F173F28}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6B81296-66BF-470E-BD47-4D9F029AE160}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{968EA77F-2733-4D95-B7E6-6F08AE4541D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4138446-977A-4488-BB59-8B4B906C7313}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC6500B4-3FF1-4C6C-BE98-77B8C084D862}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7557C0F4-7CA2-4288-B1C5-362A979219E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DFEB9F6-0B4C-487E-BD1B-27A295C1C4A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
01-02-2020 11:08:39 Naplánovaný kontrolní bod
15-02-2020 11:41:07 Windows Update
15-02-2020 17:25:12 AdwCleaner_BeforeCleaning_15/02/2020_17:25:12
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/06/2020 04:18:44 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).
Error: (02/02/2020 06:34:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdateChecker.exe, verze: 0.0.0.0, časové razítko: 0x54dc4378
Název chybujícího modulu: alvupdt.dll, verze: 1.0.0.10, časové razítko: 0x5510b8fc
Kód výjimky: 0xc0000005
Posun chyby: 0x00016eb6
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0x01d5d9c776d0ee79
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
ID zprávy: 4d00e7ac-45e2-11ea-beda-10c37b1f4c4e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (3316) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1216.
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 494) (User: )
Description: taskhostex (3316) WebCacheLocal: Obnovení databáze se nezdařilo a došlo k chybě -1216, protože byly zjištěny odkazy na databázi C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která již není k dispozici. Databáze nebyla před odebráním (či případným přesunutím nebo přejmenováním) převedena do stavu čistého vypnutí. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud nebude znovu vytvořena instance chybějící databáze. Pokud databáze již skutečně není k dispozici a není již nadále požadována, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po klepnutí na odkaz Další informace na konci této zprávy.
Error: (01/31/2020 07:04:08 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostex (3316) WebCacheLocal: Pokus o otevření souboru C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (1644) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -501.
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhostex (1644) WebCacheLocal: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\V01.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 124 (0x0000007C). Soubor je poškozený a nelze jej použít.
Error: (01/29/2020 06:59:51 AM) (Source: ESENT) (EventID: 477) (User: )
Description: taskhostex (1644) WebCacheLocal: Ověření načtení rozsahu protokolu ze souboru C:\Users\Simona\AppData\Local\Microsoft\Windows\WebCache\V01.log s posunem 507904 (0x000000000007c000) o 4096 (0x00001000) bajtů se nezdařilo. Došlo k neshodě kontrolního součtu rozsahu. Byl očekáván kontrolní součet 269938621679464145 (0x3bf03bf085ceed1), ale skutečný kontrolní součet byl 269938621679464145 (0x3bf03bf085ceed1). Operace čtení se nezdaří a dojde k chybě -501 (0xfffffe0b). Pokud tento stav potrvá, obnovte soubor protokolu z předchozí zálohy.
System errors:
=============
Error: (02/16/2020 08:55:20 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.
Error: (02/16/2020 08:54:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:29:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.
Error: (02/15/2020 05:28:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:28:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Asus WebStorage Windows Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:28:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ASUS InstantOn Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (02/15/2020 05:26:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (02/15/2020 05:26:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll
Windows Defender:
===================================
Date: 2020-02-01 10:51:11.836
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FEF98672-EC9B-432B-94A4-3B6C29011196}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-01 10:21:23.128
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0CE2726C-9578-40D8-9152-2C5E20311D04}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-31 19:29:48.456
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {74A2EDC3-1902-45FA-A3B2-572712C8EB0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-31 19:03:24.488
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CD623329-EE3B-46D2-AD1F-A8CC4D6596B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-01-28 10:41:16.893
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A273A1DF-CED4-4DA9-A563-BA60D912D103}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-02-05 19:17:27.752
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-24 15:25:46.125
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-24 06:40:31.584
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-10 20:23:31.700
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2020-01-07 12:15:07.792
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===================================
Date: 2020-02-15 11:50:48.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-17 09:44:18.331
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-01-07 19:06:53.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-12-12 08:15:12.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-11-14 09:29:48.666
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-24 16:01:48.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-10-11 07:44:06.780
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-09-13 15:27:08.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. X550VB.217 01/22/2014
Motherboard: ASUSTeK COMPUTER INC. X550VB
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 3981.62 MB
Available physical RAM: 2025.64 MB
Total Virtual: 4685.62 MB
Available Virtual: 2766.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:217.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:312.62 GB) NTFS
\\?\Volume{4ec93e8b-60c7-4f7e-bd0a-6a7aee10ca0f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.53 GB) NTFS
\\?\Volume{c1f80401-266d-4ced-94dd-624c8a0e5d2c}\ () (Fixed) (Total:0.44 GB) (Free:0.18 GB) NTFS
\\?\Volume{0e2f1965-50a9-4f22-9982-4839cadcf9fa}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.82 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2967614A)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Kontrola NTB
pouzi fixlist.txt
Kód: Vybrat vše
Start
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e773-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e99c-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {6cd0e6f6-71a4-11e4-be7e-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {9610e78f-ed15-11e5-be93-28e34790c99f} - "G:\Autorun.exe"
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
S2 O2 Internet. RunOuc; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => -> No File
EmptyTemp:
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kontrola NTB
Hotovo.
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by Simona (16-02-2020 13:29:39) Run:1
Running from C:\Users\Simona\Desktop
Loaded Profiles: UpdatusUser & Simona (Available Profiles: UpdatusUser & Simona)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e773-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e99c-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {6cd0e6f6-71a4-11e4-be7e-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {9610e78f-ed15-11e5-be93-28e34790c99f} - "G:\Autorun.exe"
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
S2 O2 Internet. RunOuc; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => -> No File
EmptyTemp:
End
*****************
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb3e773-e112-11e4-be86-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb3e99c-e112-11e4-be86-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cd0e6f6-71a4-11e4-be7e-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9610e78f-ed15-11e5-be93-28e34790c99f} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\System\CurrentControlSet\Services\O2 Internet. RunOuc => removed successfully
O2 Internet. RunOuc => service removed successfully
HKLM\System\CurrentControlSet\Services\hwusbdev => removed successfully
hwusbdev => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6902985 B
Java, Flash, Steam htmlcache => 570 B
Windows/system/drivers => 6399195 B
Edge => 0 B
Chrome => 49021767 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6948 B
Users => 6948 B
ProgramData => 6948 B
Public => 6948 B
systemprofile => 6948 B
systemprofile32 => 7076 B
LocalService => 7076 B
NetworkService => 9132220 B
UpdatusUser => 12703932 B
Simona => 19219075 B
RecycleBin => 0 B
EmptyTemp: => 106.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:30:05 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2020
Ran by Simona (16-02-2020 13:29:39) Run:1
Running from C:\Users\Simona\Desktop
Loaded Profiles: UpdatusUser & Simona (Available Profiles: UpdatusUser & Simona)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e773-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {5fb3e99c-e112-11e4-be86-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {6cd0e6f6-71a4-11e4-be7e-28e34790c99f} - "F:\AutoRun.exe"
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\...\MountPoints2: {9610e78f-ed15-11e5-be93-28e34790c99f} - "G:\Autorun.exe"
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
S2 O2 Internet. RunOuc; C:\Users\Simona\Desktop\O2 Internet\UpdateDog\ouc.exe [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => -> No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => -> No File
EmptyTemp:
End
*****************
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb3e773-e112-11e4-be86-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb3e99c-e112-11e4-be86-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cd0e6f6-71a4-11e4-be7e-28e34790c99f} => removed successfully
HKU\S-1-5-21-3147881395-1193290844-1118327318-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9610e78f-ed15-11e5-be93-28e34790c99f} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\System\CurrentControlSet\Services\O2 Internet. RunOuc => removed successfully
O2 Internet. RunOuc => service removed successfully
HKLM\System\CurrentControlSet\Services\hwusbdev => removed successfully
hwusbdev => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_B => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_O => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\!AsusWSShellExt_U => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6902985 B
Java, Flash, Steam htmlcache => 570 B
Windows/system/drivers => 6399195 B
Edge => 0 B
Chrome => 49021767 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6948 B
Users => 6948 B
ProgramData => 6948 B
Public => 6948 B
systemprofile => 6948 B
systemprofile32 => 7076 B
LocalService => 7076 B
NetworkService => 9132220 B
UpdatusUser => 12703932 B
Simona => 19219075 B
RecycleBin => 0 B
EmptyTemp: => 106.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:30:05 ====
Re: Kontrola NTB
U mna hotovo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kontrola NTB
U mne taky, NTB šlape jak za mlada. Manželka děkuje a můj peněžní ústav vám něco málo pomohl s provozem vašeho fóra. Děkuji. 
Možno uzavřít.
Možno uzavřít.
Re: Kontrola NTB
Zdravim manzelku za prispevok dakujeme
za prispevok dakujemeFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?