Please check my log + a problem

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: Please check my log + a problem

Post by KedarCZE » 17 Jan 2017 18:58

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-17 18:51 - 2017-01-17 18:51 - 00024015 _____ C:\Users\Kedar\Desktop\FRST.txt
2017-01-17 18:50 - 2017-01-17 18:51 - 00000000 ____D C:\FRST
2017-01-17 18:48 - 2017-01-17 18:48 - 00002462 _____ C:\Users\Kedar\Desktop\aswMBR.txt
2017-01-17 18:48 - 2017-01-17 18:48 - 00000512 _____ C:\Users\Kedar\Desktop\MBR.dat
2017-01-17 18:46 - 2017-01-17 18:46 - 05200384 _____ (AVAST Software) C:\Users\Kedar\Desktop\aswmbr.exe
2017-01-17 18:46 - 2017-01-17 18:46 - 03961080 _____ (Crystal Dew World ) C:\Users\Kedar\Desktop\CrystalDiskInfo7_0_5.exe
2017-01-17 18:46 - 2017-01-17 18:46 - 02419200 _____ (Farbar) C:\Users\Kedar\Desktop\FRST64.exe
2017-01-16 23:57 - 2017-01-16 23:57 - 00000000 ____D C:\Users\Pepa\AppData\Local\VirtualStore
2017-01-16 15:33 - 2017-01-16 15:06 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-01-15 21:35 - 2017-01-16 15:30 - 00000000 ____D C:\zoek_backup
2017-01-15 20:52 - 2017-01-15 20:52 - 00037054 _____ C:\Users\Kedar\AppData\Local\recently-used.xbel
2017-01-15 20:37 - 2017-01-15 20:37 - 01309184 _____ C:\Users\Kedar\Desktop\zoek.exe
2017-01-15 14:58 - 2017-01-15 14:58 - 00522516 _____ C:\WINDOWS\Minidump\011517-8125-01.dmp
2017-01-15 14:58 - 2017-01-15 14:58 - 00000000 ____D C:\WINDOWS\Minidump
2017-01-15 13:42 - 2017-01-15 14:29 - 356592127 _____ C:\Users\Kedar\Desktop\Untitled1.mp4
2017-01-15 11:30 - 2017-01-15 20:37 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-15 11:29 - 2017-01-15 21:35 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-14 22:16 - 2017-01-14 22:16 - 00000000 ____D C:\ProgramData\Sophos
2017-01-14 22:07 - 2017-01-14 22:08 - 25924168 _____ C:\Users\Kedar\Desktop\RogueKillerX64.exe
2017-01-14 16:40 - 2017-01-14 16:40 - 00002075 _____ C:\Users\Kedar\Desktop\JRT.txt
2017-01-14 16:38 - 2017-01-14 16:38 - 01663040 _____ (Malwarebytes) C:\Users\Kedar\Desktop\JRT.exe
2017-01-14 15:28 - 2017-01-14 15:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\Nero
2017-01-14 15:28 - 2017-01-14 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-01-14 15:27 - 2017-01-14 15:28 - 00000000 ____D C:\Program Files (x86)\Nero
2017-01-14 14:57 - 2017-01-15 14:59 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-14 14:56 - 2017-01-15 14:59 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-14 14:56 - 2017-01-14 14:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-14 14:56 - 2017-01-14 14:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-14 14:35 - 2017-01-14 14:54 - 00000000 ____D C:\AdwCleaner
2017-01-14 13:29 - 2017-01-14 13:31 - 54199488 _____ (Malwarebytes ) C:\Users\Kedar\Downloads\mb3-setup-consumer-3.0.5.1299.exe
2017-01-14 13:28 - 2017-01-14 13:29 - 03988944 _____ C:\Users\Kedar\Desktop\adwcleaner_6.042.exe
2017-01-14 13:27 - 2017-01-14 13:27 - 00448512 _____ (OldTimer Tools) C:\Users\Kedar\Desktop\TFC.exe
2017-01-14 12:50 - 2017-01-14 12:50 - 00702832 _____ C:\Users\Kedar\Downloads\Edit.pdf
2017-01-14 12:43 - 2017-01-14 12:43 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kedar\Desktop\HijackThis.exe
2017-01-14 12:37 - 2017-01-14 12:37 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-01-13 15:54 - 2017-01-13 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloody
2017-01-13 15:53 - 2017-01-13 15:53 - 00000000 ____D C:\Program Files (x86)\Bloody6
2017-01-13 15:39 - 2017-01-13 15:45 - 00013588 _____ C:\Users\Kedar\Desktop\SystemLook.txt
2017-01-12 17:34 - 2017-01-14 22:03 - 00000000 ____D C:\Users\Kedar\AppData\LocalLow\BitTorrent
2017-01-11 19:16 - 2017-01-15 20:52 - 00000000 ____D C:\Users\Kedar\Desktop\BT
2017-01-11 17:35 - 2017-01-11 17:36 - 00000000 ____D C:\Users\Kedar\Desktop\Adobe Acrobat
2017-01-11 17:34 - 2017-01-11 17:35 - 00000000 ____D C:\Users\Kedar\Downloads\Adobe_Acrobat_Pro_DC_2015
2017-01-11 16:47 - 2017-01-11 17:33 - 774196225 _____ C:\Users\Kedar\Downloads\Adobe_Acrobat_Pro_DC_2015.rar
2017-01-11 15:16 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 15:16 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 15:16 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 15:16 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 15:16 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 15:16 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 15:16 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 15:16 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 15:16 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 15:16 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 15:16 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 15:16 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 15:16 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 15:16 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 15:16 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 15:16 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 15:16 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 15:16 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 15:16 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 15:16 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 15:16 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 15:16 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 15:16 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 15:16 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 15:16 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 15:16 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 15:16 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 15:16 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 15:16 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 15:16 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 15:16 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 15:16 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 15:16 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 15:16 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 15:16 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 15:16 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 15:16 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 15:16 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 15:16 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 15:16 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 15:16 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 15:16 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 15:16 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 15:16 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 15:16 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 15:16 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 15:16 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 15:16 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 15:16 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 15:16 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 15:16 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 15:16 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 15:16 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 15:16 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 15:16 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 15:16 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 15:16 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 15:16 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 15:16 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 15:16 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 15:16 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 15:16 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 15:16 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 15:16 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 15:16 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 15:16 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 15:16 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 15:16 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 15:16 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 15:16 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 15:16 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 15:16 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 15:16 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 15:16 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 15:16 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 15:16 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 15:16 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 15:16 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 15:16 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 15:16 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:16 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-01-11 15:15 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 15:15 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 15:15 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 15:15 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 15:15 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 15:15 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 15:15 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 15:15 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 15:15 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 15:15 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 15:15 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 15:15 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 15:15 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 15:15 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 15:15 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 15:15 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 15:15 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 15:15 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 15:15 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 15:15 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 15:15 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 15:15 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 15:15 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 15:15 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 15:15 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 15:15 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 15:15 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 15:15 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 15:15 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 15:15 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 15:15 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 15:15 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 15:15 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 15:15 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 15:15 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 15:15 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 15:15 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 15:15 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 15:15 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 15:15 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 15:15 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 15:15 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 15:15 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 15:15 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 15:15 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 15:15 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 15:15 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 15:15 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 15:15 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 15:15 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 15:15 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 15:15 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:15 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 15:15 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 15:15 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 15:15 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 15:15 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 15:15 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 15:15 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 15:15 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 15:15 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 15:15 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 15:15 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 15:15 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 15:15 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 15:15 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 15:15 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 15:15 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 15:15 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 15:15 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 15:15 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 15:15 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 15:15 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 15:15 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 15:15 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-09 14:58 - 2017-01-09 14:58 - 00000000 ____D C:\Users\Kedar\Documents\League of Legends
2017-01-07 20:33 - 2017-01-07 20:34 - 00000000 ____D C:\Users\Kedar\Desktop\Účes
2017-01-07 12:18 - 2017-01-07 12:20 - 00000000 ____D C:\Program Files (x86)\abcAVI
2017-01-07 12:18 - 2017-01-07 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abcAVI Tag Editor
2017-01-07 12:18 - 2002-11-18 16:02 - 00040960 _____ C:\WINDOWS\SysWOW64\MMAVILNG.exe
2017-01-07 12:17 - 2017-01-07 12:17 - 02599520 _____ C:\Users\Kedar\Downloads\abcavi.exe
2017-01-07 12:16 - 2017-01-07 12:16 - 00013825 _____ C:\Users\Kedar\Downloads\czech.zip
2017-01-06 00:36 - 2017-01-06 00:36 - 00291078 _____ C:\Users\Pepa\Downloads\prilohy_13346.zip
2017-01-06 00:36 - 2017-01-06 00:36 - 00000000 ____D C:\Users\Pepa\AppData\Roaming\WinRAR
2017-01-05 22:31 - 2017-01-05 23:30 - 00000000 ____D C:\Users\Pepa\Desktop\cdc obrázky
2017-01-05 12:24 - 2017-01-05 12:24 - 06131932 _____ C:\Users\Pepa\Downloads\worlds_fastest_rail_train.wmv
2017-01-04 00:31 - 2017-01-04 00:31 - 07390053 _____ C:\Users\Pepa\Desktop\MASARYK.UNIVERZITA-PÁTEŘ.pdf
2017-01-03 15:54 - 2017-01-03 16:11 - 00281696 _____ C:\Users\Kedar\Downloads\Different Heaven - Safe And Sound.mp3.sfk
2017-01-02 13:33 - 2017-01-02 17:52 - 808223079 _____ C:\Users\Kedar\Desktop\Kimi no Na wa. (Your Name.) 2016 ENG Titulky.mp4
2017-01-01 20:37 - 2017-01-01 21:38 - 829511166 _____ C:\Users\Kedar\Downloads\Vzmuž-se-český-dabing-novinky-novinka.avi
2017-01-01 20:34 - 2017-01-01 20:34 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\ESET
2016-12-31 19:31 - 2016-12-31 19:31 - 00437275 _____ C:\Users\Pepa\Desktop\pf_2017-06-v.jpg
2016-12-30 13:54 - 2017-01-01 22:41 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Anvsoft
2016-12-30 13:54 - 2016-12-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
2016-12-30 13:53 - 2016-12-30 13:53 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2016-12-30 13:05 - 2016-12-30 13:05 - 00000078 _____ C:\Users\Kedar\.gtk-bookmarks
2016-12-30 12:57 - 2016-12-30 13:22 - 00000000 ____D C:\Users\Pepa\Desktop\Iva foto
2016-12-30 01:57 - 2016-12-30 01:57 - 00013008 _____ C:\Users\Pepa\Desktop\PF 2017.jpg
2016-12-25 14:57 - 2016-12-25 15:12 - 00000462 _____ C:\Users\Kedar\Desktop\DNS Ping.bat
2016-12-25 14:01 - 2016-12-25 14:05 - 26980038 _____ C:\Users\Kedar\Downloads\_SadeemPC.com_MPK263.rar
2016-12-25 12:38 - 2016-12-25 12:38 - 08779324 _____ C:\Users\Kedar\Desktop\Pavol Habera a TEAM - Reklama na ticho.mp3
2016-12-25 12:32 - 2016-12-25 12:32 - 09586703 _____ C:\Users\Kedar\Desktop\Pavol Habera a TEAM - Držím ti miesto.mp3
2016-12-25 11:01 - 2016-12-25 11:46 - 795934462 _____ C:\Users\Kedar\Downloads\Pošli-to-dál-2000-drama-cz-dab--endrjua-.avi
2016-12-24 22:35 - 2016-12-24 22:36 - 05863129 _____ C:\Users\Kedar\Desktop\IMG22_0001.jpg
2016-12-23 19:05 - 2016-12-23 19:05 - 00007693 _____ C:\Users\Kedar\Desktop\chat.txt
2016-12-23 19:04 - 2016-12-23 19:04 - 00299313 _____ C:\Users\Kedar\Desktop\2..png
2016-12-23 19:00 - 2016-12-23 19:00 - 00047819 _____ C:\Users\Kedar\Desktop\1..png
2016-12-22 14:04 - 2016-12-22 14:04 - 00408091 _____ C:\Users\Kedar\Desktop\sadasd.png
2016-12-21 15:39 - 2016-12-21 15:40 - 09153614 _____ C:\Users\Kedar\Downloads\Zelený vítr Heroltice 2016.mp4
2016-12-20 18:41 - 2016-12-20 19:19 - 00302337 _____ C:\Users\Kedar\Desktop\suicide-bridge-pasadena-ca-night.jpg
2016-12-20 13:18 - 2016-12-20 13:19 - 09839898 _____ C:\Users\Kedar\Downloads\Steep GIFs.zip
2016-12-20 13:12 - 2016-12-20 13:12 - 00527593 _____ C:\Users\Kedar\Downloads\Doklad_2164478263.pdf
2016-12-19 21:11 - 2016-12-19 21:11 - 00452048 _____ C:\Users\Kedar\Desktop\Fun1.png
2016-12-19 19:30 - 2016-12-19 19:30 - 00052258 _____ C:\Users\Pepa\Downloads\dodatPrikaz_78.pdf
2016-12-19 19:30 - 2016-12-19 19:30 - 00052258 _____ C:\Users\Pepa\Downloads\dodatPrikaz_78 (1).pdf
2016-12-19 19:21 - 2016-12-19 19:22 - 04121824 _____ (Husdawg, LLC) C:\Users\Kedar\Downloads\Detection.exe
2016-12-19 16:07 - 2016-12-19 16:07 - 00000000 ____D C:\Users\Kedar\AppData\LocalLow\Mad Studio
2016-12-18 19:00 - 2016-12-18 19:00 - 00207453 _____ C:\Users\Kedar\Downloads\winterflakes.zip
2016-12-18 15:04 - 2016-12-18 15:04 - 00000000 ____D C:\Users\Kedar\AppData\LocalLow\Nvizzio Creations
2016-12-18 12:41 - 2016-12-18 12:41 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\.mono
2016-12-18 12:41 - 2016-12-18 12:41 - 00000000 ____D C:\Users\Kedar\AppData\Local\Colossal Order
2016-12-18 12:41 - 2016-12-18 12:41 - 00000000 ____D C:\ProgramData\.mono

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-17 18:45 - 2016-09-02 11:29 - 00000000 ____D C:\Users\Kedar\Desktop\backups
2017-01-17 18:41 - 2016-09-15 14:29 - 00000000 ____D C:\Users\Kedar
2017-01-17 18:24 - 2016-12-05 11:07 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A0392849-7E90-4A37-BD28-5C933B5EE10D}
2017-01-17 18:23 - 2016-09-15 14:20 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-17 18:21 - 2016-09-15 14:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-17 10:56 - 2016-09-15 15:13 - 04821338 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-17 10:56 - 2016-09-15 15:13 - 01360968 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-17 10:56 - 2016-09-15 14:35 - 09651444 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-17 10:51 - 2016-11-21 19:43 - 00000000 ____D C:\Users\Pepa\AppData\Local\CrashDumps
2017-01-17 10:51 - 2016-09-15 14:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-17 02:05 - 2016-12-15 15:51 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2017-01-16 21:59 - 2016-10-16 10:14 - 00004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2CDC9ED-445F-4D4B-BD37-D8409076345C}
2017-01-16 21:52 - 2016-07-23 16:18 - 00000000 ____D C:\Users\Kedar\Desktop\NEW
2017-01-16 15:34 - 2016-11-23 19:41 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-01-16 15:28 - 2016-09-15 15:09 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-16 15:28 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-15 21:57 - 2016-09-15 15:07 - 00000000 ____D C:\WINDOWS\INF
2017-01-15 20:53 - 2016-01-12 19:39 - 00000000 ____D C:\Users\Kedar\.gimp-2.8
2017-01-15 20:52 - 2016-09-15 19:45 - 00000000 ____D C:\Users\Kedar\AppData\Local\gtk-2.0
2017-01-15 18:46 - 2016-09-19 18:14 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Mp3tag
2017-01-15 18:41 - 2016-09-19 15:27 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Audacity
2017-01-15 15:36 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-15 14:57 - 2016-09-24 07:58 - 00000000 ____D C:\Users\Kedar\AppData\Local\CrashDumps
2017-01-15 13:36 - 2016-09-20 17:17 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\obs-studio
2017-01-14 22:03 - 2016-10-03 16:56 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\BitTorrent
2017-01-14 15:29 - 2016-10-18 15:21 - 00000000 ____D C:\ProgramData\Nero
2017-01-14 15:24 - 2016-10-18 15:25 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\Nero
2017-01-14 13:51 - 2016-09-15 14:17 - 00644960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-14 12:46 - 2016-09-15 18:34 - 00000000 ____D C:\ProgramData\Adobe
2017-01-14 12:40 - 2016-09-15 15:09 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-14 12:40 - 2016-09-15 14:37 - 00000000 ____D C:\Users\Kedar\AppData\Local\Packages
2017-01-13 20:59 - 2016-01-30 18:57 - 00000000 ____D C:\Users\Kedar\Documents\Ulozto
2017-01-13 20:52 - 2016-10-09 08:58 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\fontconfig
2017-01-13 20:17 - 2016-09-15 18:38 - 00003218 _____ C:\WINDOWS\System32\Tasks\klcp_update
2017-01-13 20:17 - 2016-09-15 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-01-13 20:17 - 2016-09-15 18:38 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-01-13 14:45 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-13 14:45 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-12 16:03 - 2016-01-10 20:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-12 15:32 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\rescache
2017-01-12 13:30 - 2016-09-15 20:25 - 00000000 ____D C:\Users\Pepa\AppData\Local\Packages
2017-01-12 13:29 - 2016-01-11 14:37 - 00000000 ____D C:\Users\Pepa\Documents\Pepík
2017-01-12 10:24 - 2016-09-15 14:50 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-12 10:24 - 2016-09-15 14:50 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-11 22:28 - 2016-09-15 20:25 - 00000000 ____D C:\Users\Pepa\AppData\Roaming\Adobe
2017-01-11 20:02 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-11 20:02 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-11 20:01 - 2016-09-15 15:09 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-11 20:01 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-11 20:01 - 2016-09-15 15:09 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-11 19:07 - 2016-09-15 15:02 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 19:02 - 2016-09-15 17:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 18:57 - 2016-09-15 17:09 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-11 17:38 - 2016-09-15 18:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-10 15:07 - 2016-09-22 18:37 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\TS3Client
2017-01-07 15:13 - 2016-10-25 18:55 - 00000000 ____D C:\Users\Kedar\Desktop\22
2017-01-07 12:26 - 2016-09-15 14:37 - 00000000 ____D C:\Users\Kedar\AppData\Local\VirtualStore
2017-01-06 13:43 - 2016-02-12 13:22 - 00000000 ____D C:\Users\Pepa\Desktop\skeny
2017-01-06 13:36 - 2016-01-11 14:39 - 00000000 ___RD C:\Users\Pepa\OneDrive
2017-01-02 21:47 - 2016-09-24 22:28 - 00000000 ____D C:\ProgramData\Intel
2016-12-29 15:39 - 2016-09-23 20:56 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\OBS
2016-12-24 20:41 - 2016-09-15 14:28 - 00000000 ____D C:\Users\Pepa
2016-12-23 00:13 - 2016-09-15 15:10 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-23 00:13 - 2016-09-15 15:10 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-22 23:09 - 2016-12-17 19:50 - 00002298 _____ C:\Users\Kedar\AppData\Roaming\ASSDraw3.cfg
2016-12-22 22:45 - 2016-11-10 19:55 - 00000000 ____D C:\Users\Kedar\AppData\Local\Steam
2016-12-22 21:59 - 2016-09-15 19:37 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-12-22 21:59 - 2016-09-15 19:36 - 00000000 ____D C:\Program Files\paint.net
2016-12-20 08:26 - 2016-09-15 15:09 - 00000000 ___SD C:\Users\Default\AppData\Roaming\Microsoft
2016-12-20 08:26 - 2016-09-15 15:09 - 00000000 ___SD C:\Users\Default User\AppData\Roaming\Microsoft
2016-12-20 08:26 - 2016-09-15 15:09 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-20 08:25 - 2016-09-15 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-18 22:39 - 2016-09-15 14:29 - 00524288 ___SH C:\Users\Kedar\NTUSER.DAT{b91e44e6-7b46-11e6-97bc-d2c3f8dd3e46}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 22:39 - 2016-09-15 14:29 - 00065536 ___SH C:\Users\Kedar\NTUSER.DAT{b91e44e6-7b46-11e6-97bc-d2c3f8dd3e46}.TM.blf
2016-12-18 20:15 - 2016-10-07 14:49 - 00000000 ____D C:\Users\Kedar\AppData\Roaming\VC
2016-12-18 11:57 - 2016-11-06 19:46 - 00000000 ____D C:\Program Files\Adobe
2016-12-18 11:47 - 2016-11-09 15:26 - 00000000 ____D C:\Program Files\Common Files\Adobe

==================== Files in the root of some directories =======

2016-10-11 17:07 - 2016-11-09 21:41 - 0000033 _____ () C:\Users\Kedar\AppData\Roaming\AdobeWLCMCache.dat
2016-12-17 19:50 - 2016-12-22 23:09 - 0002298 _____ () C:\Users\Kedar\AppData\Roaming\ASSDraw3.cfg
2016-10-14 13:58 - 2016-10-14 14:41 - 0133240 _____ () C:\Users\Kedar\AppData\Roaming\net.telestream.wirecast.xml
2016-10-14 13:58 - 2016-10-14 13:58 - 0067454 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_AKAMAI_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0004755 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_BAMBUSER_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0004935 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_CHURCHSTREAMING_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0003931 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_DAILYMOTION_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0005919 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_LIGHTCAST_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0004356 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_MAKETV_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0003439 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_MERIDIX_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0003825 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_MERIDIX_AFFILIATE_ID_brandingimage_main.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0016357 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_ONSTREAM_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0010088 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMINGCHURCH_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0004482 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMINGCHURCH_AFFILIATE_ID_brandingimage_main.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0007122 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMING_MEDIA_HOSTING_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:58 - 2016-10-14 13:58 - 0008261 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMSHARK_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0010619 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMVU_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0005241 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAM_SPOT_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0008986 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_SUNDAY_STREAMS_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0003213 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_THE_CUBE_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0022670 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_TILTEDGLOBE_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0003302 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_TULIX_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0008949 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_VERIZON_AFFILIATE_ID_brandingimage_destination.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0008949 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_VERIZON_AFFILIATE_ID_brandingimage_main.png
2016-10-14 13:59 - 2016-10-14 13:59 - 0008683 _____ () C:\Users\Kedar\AppData\Roaming\net_telestream_wirecast_partner_NO_ZIXI_AFFILIATE_ID_brandingimage_destination.png
2017-01-15 20:52 - 2017-01-15 20:52 - 0037054 _____ () C:\Users\Kedar\AppData\Local\recently-used.xbel
2016-12-04 14:03 - 2016-11-23 14:37 - 0000570 _____ () C:\Users\Kedar\AppData\Local\TroubleshooterConfig.json
2016-09-15 14:21 - 2016-09-15 14:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-15 15:51 - 2017-01-17 18:21 - 0003771 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-15 15:51 - 2017-01-17 02:05 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1

Some files in TEMP:
====================
C:\Users\Kedar\AppData\Local\Temp\kernel32.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-12 15:27

==================== End of FRST.txt ============================
OS: Windows 10 64 bit
MB: ASUS PRIME X570-P
CPU: AMD Ryzen 7 3700X
GPU: MSI GeForce RTX 3060 Ti Gaming Z TRIO
RAM: Kingston HyperX Fury 16 GB (2 x 8 GB) DDR4-3200 CL16
PSU: MSI MPG A750GF
SSD: Kingston SSD A2000 500 GB
HDD: Seagate IronWolf 4 TB
Monitor: Dell S2721D
Case: Fractal Design Define S

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log + problem

Post by jaro3 » 17 Jan 2017 19:09

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-4277202032-399617156-2875458357-1004\...\MountPoints2: {35875241-864c-11e6-97dc-5404a6034d5e} - "D:\Startme.exe"
SearchScopes: HKU\S-1-5-21-4277202032-399617156-2875458357-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
C:\Users\Kedar\AppData\Local\Temp\kernel32.dll
HKU\S-1-5-21-4277202032-399617156-2875458357-1004\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION

EmptyTemp:
End


(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

C:\WINDOWS\Minidump
Did you post a thread in the BSOD section?

Download CrystalDiskInfo
Run the program and click Edit - Copy (Úpravy - Kopírovat). Then paste the log contents here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log + problem

Post by KedarCZE » 17 Jan 2017 19:10

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2017
Ran by Kedar (17-01-2017 18:51:48)
Running from C:\Users\Kedar\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-15 13:36:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277202032-399617156-2875458357-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4277202032-399617156-2875458357-503 - Limited - Disabled)
Guest (S-1-5-21-4277202032-399617156-2875458357-501 - Limited - Disabled)
Kedar (S-1-5-21-4277202032-399617156-2875458357-1004 - Administrator - Enabled) => C:\Users\Kedar
Pepa (S-1-5-21-4277202032-399617156-2875458357-1006 - Limited - Enabled) => C:\Users\Pepa

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 10.0.369.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 10.0.369.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abcAVI (HKLM-x32\...\abcavi_tag_editor_is1) (Version: - Alexander Sorkin aka Kibi)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Aktualizace NVIDIA 23.1.0.0 (Version: 23.1.0.0 - NVIDIA Corporation) Hidden
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Any Video Converter Ultimate 6.0.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.29.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 16.12.0020 - Bloody)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Smart Security (HKLM\...\{7B931A02-53C9-42BA-BA69-327A1BDD16D1}) (Version: 10.0.369.1 - ESET, spol. s r.o.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.59 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB0C4AC6-0E52-4956-8245-4C715E85FF09}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
K-Lite Mega Codec Pack 12.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 18.0.0014 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{0D3990C0-2F2F-4D0F-BD10-9103F5C63B85}) (Version: 15.0.00500 - Nero AG)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OSDownloader (HKLM-x32\...\{C02C8C82-197C-46C1-AD18-EB0F5BF49F8A}_is1) (Version: 1.3 - OpenSubtitles.org)
Ovládací panel NVIDIA 376.33 (Version: 376.33 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Prerequisite installer (x32 Version: 18.0.0003 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Resource Hacker Version 4.4.26 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TEncoder Video Converter version 4.5.10 (HKLM-x32\...\{7B1F9D22-568D-4109-B128-040BF8A932FC}_is1) (Version: 4.5.10 - ozok)
Ulož.to FileManager verze 2.02 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.02 - Uloz.to cloud a.s.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07FC5B47-DB18-46EA-BFBD-A284E8D6523B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {13CE1E4E-3795-452C-A543-21AB4A3675D7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {2571A09A-2516-407A-9A9F-25DB7B831DBB} - System32\Tasks\{B887A6B0-F8AB-4531-833B-14B16200EEC6} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\removeAdAppMgr.exe"
Task: {38D7EDD7-17B4-4E7E-8631-C857143B2342} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-11-14] (Nero AG)
Task: {58A875D3-1BD1-47AA-BE48-26C8D193298D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {692F6D0B-3F06-4659-B204-4DE4E11B32BB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {86936FA4-79D0-4C32-825D-9858488E3BE5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {87587C70-47C7-46C9-8211-268B216B90E0} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {998E4ADA-70D5-46D4-8A60-FAA2124588B7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {9F339BC0-6688-4CFD-B849-6981D741C6D5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {A20FB304-B56B-49FF-8BDE-402DD1F07D47} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.)
Task: {B89736BE-A1F1-44C0-9582-BA67859C0431} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18] (Realtek Semiconductor)
Task: {BA22F426-AD43-4D8F-A270-3704C252FB3F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BEBD3DA8-8C3C-4E2E-A24B-963D37634358} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
Task: {D00470FE-CB53-421D-B111-87F9E372F858} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-15] (Google Inc.)
Task: {D7FAE842-F5A7-4F23-9358-08C6F7067210} - System32\Tasks\{A48941FC-9115-4BD6-8B2B-CCAD086C7BA9} => pcalua.exe -a "C:\ProgramData\Package Cache\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}\Setup.exe" -c /uninstall
Task: {D8828C8E-D11E-4D4A-9029-127E6AB8B6AF} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {F6DC3E3D-5049-47A7-983C-76B9F4DAC942} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {FAD214B1-BEA7-4943-AD91-7ECEC70D47A9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 14:26 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 17:54 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-10-09 12:29 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-09 12:29 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-15 14:19 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 14:26 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-06-10 01:41 - 2016-06-10 01:41 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-17 22:42 - 2016-09-17 22:42 - 01864384 _____ () C:\Users\Pepa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-15 17:06 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 15:15 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 15:15 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 15:15 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 15:15 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 15:15 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 15:15 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-01-12 10:24 - 2017-01-11 08:21 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.59\libglesv2.dll
2017-01-12 10:24 - 2017-01-11 08:21 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.59\libegl.dll
2016-12-28 11:52 - 2016-12-28 11:52 - 31167576 _____ () C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll
2016-12-14 14:26 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-15 14:41 - 2016-09-15 14:41 - 00959168 _____ () C:\Users\Kedar\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-11-02 11:31 - 2016-11-02 11:31 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-01-11 15:15 - 2016-12-21 08:08 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-10-09 12:29 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-09 12:29 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-09 12:29 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-09 12:29 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-09 12:29 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-09 12:29 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-09 12:29 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-09 12:29 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-09 12:29 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-15 15:51 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4277202032-399617156-2875458357-1004\Software\Classes\regfile: regedit.exe "%1" <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-09-15 15:09 - 2017-01-16 15:08 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277202032-399617156-2875458357-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-4277202032-399617156-2875458357-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Pepa\Desktop\kvet12369.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4277202032-399617156-2875458357-1004\...\StartupApproved\Run: => "Bloody2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{20DFFEAF-D0B6-42AB-A49D-CDE054F9A129}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{9BFBC71E-9943-4A0D-8384-93E8D5468827}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{B4C6FB57-A1C4-4FF9-B3C1-EB762539E9C3}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{225E77EF-CD4D-4986-B119-04BF0BF08575}] => LPort=2869
FirewallRules: [{46F77143-8A83-4160-9553-74ACC24F4BD9}] => LPort=1900
FirewallRules: [{B88BFBDA-670B-4139-8D2C-71B1F551B6ED}] => E:\Hry\Steam\Steam.exe
FirewallRules: [{D5F62A28-9405-4679-9263-D2FC89C6658F}] => E:\Hry\Steam\Steam.exe
FirewallRules: [{545413D5-9C0E-410D-ABD6-46C19A1859EB}] => E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{8B84F7F9-E48E-464C-8937-0BA76B8ED3C1}] => E:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{87F7A289-8132-40CD-A14A-CE6500582E7D}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{81C2B9BE-EC54-4BF5-8F6F-39D4E1617A52}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B266EECC-BC37-412B-B9DF-B5FE4CB7E9EC}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F860BBFD-2782-4B2B-AA38-3FDE5E1C657D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7D8D0ADE-BB40-445D-9085-5D6496B8975A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{48472C2B-E57B-40B9-A3AE-EEEEAFBDF46D}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2F345087-F37E-4A97-B961-752705BC0678}] => E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{943A9D69-D77F-4748-92DA-E3D082039E1B}] => E:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71DE99B8-F475-4FF4-9BBB-611EA1E82437}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2017 10:51:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d270a75312631c
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: d2e7e2af-ea5c-44c4-93ff-6e4b2163e1e7
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (01/16/2017 11:57:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 11:57:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1c68
Čas spuštění chybující aplikace: 0x01d2704be6d5cf76
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 24bddbf3-e348-47ec-8465-df8fbbb2153b
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (01/16/2017 01:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 01:31:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1f3c
Čas spuštění chybující aplikace: 0x01d26ff4659e9a5e
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 9f2a0ed2-e036-4132-80b1-b28d68cf05b6
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (01/15/2017 09:36:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/15/2017 09:36:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/15/2017 09:06:33 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/15/2017 09:06:33 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (01/15/2017 09:06:18 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000


System errors:
=============
Error: (01/17/2017 06:21:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 06:21:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 06:21:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 06:21:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 03:26:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 10:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 10:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 10:51:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2017 02:05:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2017 11:57:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-01-17 10:51:55.171
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-17 10:51:55.167
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-17 10:51:55.163
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-17 10:51:55.123
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 23:57:07.631
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 23:57:07.625
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 23:57:07.620
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 23:57:07.578
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\Drivers\eelam\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 21:51:18.581
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-01-16 21:51:18.576
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\eelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 24%
Total physical RAM: 8102.69 MB
Available physical RAM: 6102.97 MB
Total Virtual: 10406.69 MB
Available Virtual: 8125.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.31 GB) (Free:11.26 GB) NTFS
Drive e: () (Fixed) (Total:125 GB) (Free:35.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 16170DB5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=785 MB) - (Type=27)
Partition 4: (Not Active) - (Size=125 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
OS: Windows 10 64 bit
MB: ASUS PRIME X570-P
CPU: AMD Ryzen 7 3700X
GPU: MSI GeForce RTX 3060 Ti Gaming Z TRIO
RAM: Kingston HyperX Fury 16 GB (2 x 8 GB) DDR4-3200 CL16
PSU: MSI MPG A750GF
SSD: Kingston SSD A2000 500 GB
HDD: Seagate IronWolf 4 TB
Monitor: Dell S2721D
Case: Fractal Design Define S


Post by KedarCZE » 17 Jan 2017 19:13

Something tells me my problem has something to do with this...

==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2017 10:51:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d270a75312631c
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: d2e7e2af-ea5c-44c4-93ff-6e4b2163e1e7
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (01/16/2017 11:57:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 11:57:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1c68
Čas spuštění chybující aplikace: 0x01d2704be6d5cf76
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 24bddbf3-e348-47ec-8465-df8fbbb2153b
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (01/16/2017 01:31:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KEDAR-PC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/16/2017 01:31:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.693, časové razítko: 0x585a272f
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1f3c
Čas spuštění chybující aplikace: 0x01d26ff4659e9a5e
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 9f2a0ed2-e036-4132-80b1-b28d68cf05b6
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

jaro3
Security team member
Guru Level 15
Posts: 43054
Registered: June 07
Location: South Bohemia
Gender: Male

Post by jaro3 » 17 Jan 2017 19:14

The script is above; I just added one line.
Probably not, that's Cortana..

Drive c: () (Fixed) (Total:97.31 GB) (Free:11.26 GB) NTFS
Severe lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running smoothly!!

When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by KedarCZE » 17 Jan 2017 19:20

Well, that minidump had something to do with the kernel ......
And FRST is supposed to fix C:\Users\Kedar\AppData\Local\Temp\kernel32.dll
So I just want to ask whether something bad might happen? :D


Post by KedarCZE » 17 Jan 2017 19:25

Dumb question: can I just delete the C:\Windows.old folder normally? It takes up 5.97 GB.


Post by KedarCZE » 17 Jan 2017 19:27

But that search is part of Cortana...
http://imgWorld.cz/s3/iwBtEjEwKW.png


Post by jaro3 » 17 Jan 2017 19:45

C:\Windows.old -- that is the old version of Windows; if you don't want to go back to it or move anything out of it, you can delete it, preferably in safe mode.

What search? Cortana? Leave that alone, it's there often.

What about the BSOD section? You have files in minidump; is anyone looking into it?

Run that script, and CDI.


Post by KedarCZE » 17 Jan 2017 20:17

I'd like to delete it, but somehow it won't work.
Yes, I went into safe mode first and it deleted most of it there, except for this. And this can't be deleted in either safe mode or normal mode.
śsddsa.png


Post by KedarCZE » 17 Jan 2017 20:35

OK, I put it into Unlocker and deleted something, but now I can't open Start...


Post by KedarCZE » 17 Jan 2017 20:37

But something was still left there anyway.
sadsdsad.png

